Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Releases macOS High Sierra 10.13 Supplemental Update With Fix for APFS Disk Utility Bug and Keychain Vulnerability

Lots of FanDroids on this forum.
You’re welcome of course.
Bottom line is that Apple will sell as many iPhones X in 2 days preorders as Google will sell in entire year ...
Good or bad, Pixel 2 is doomed in Android world, Samsung has this market firmly established for themselves.
As the saying goes - good try, but no cigar...
 
  • Like
Reactions: lkrupp
plexdk said:
Remember WinFS that got cancelled after several years work, at Microsoft? I think its a pretty impressive migration by Apple. I expected a lot worse.
Click to expand...
Except WinFS was going to be something much bigger than just another filesystem. It was much more esoteric. Just google it and find out. If they managed to do it, they would have been 10 years ahead of competition.

Going back to the subject, NTFS for Windows is what APFS is for macOS. It was developed long time ago and is very robust. It's Apple playing catch up here.
 
  • Like
Reactions: Dropbrian, robeddie and djcristi
Speaking of passwords <weak segway> HS installer forced me to change my password so that it is different to my iCloud account. Yesterday macOS changed the login password back out of the blue - login and iCloud now have the same password.

Anyone else have this worrying problem? My disk isn't file-vaulted but if it is then everything could be at risk if passwords are changing themselves.

I've reported filed a bug report to la pomme.
 
Merode said:
Going back to the subject, NTFS for Windows is what APFS is for macOS. It was developed long time ago and is very robust. It's Apple playing catch up here.
Click to expand...

You have absolutely NO idea what you're talking about
 
My MacBook Pro 15TB has been stuck with a black screen with the rotating waiting circle while installing this Supplemental Update. Anyone else having problems with its installation? I’ve waited about 20 minutes.
 
Last edited:
MacRumors said:



Apple today released a supplemental update to macOS High Sierra 10.13, the first update to the macOS High Sierra operating system that was released to the public in late September. The macOS High Sierra 10.13 update comes just over one week after the release of macOS High Sierra.

The new version of macOS High Sierra 10.13 is a free update for all customers who have a compatible machine. The update can be downloaded using the Software Update function in the Mac App Store.

macoshighsierra.jpg

The supplemental macOS High Sierra 10.13 update addresses a software vulnerability that could expose the passwords of encrypted Apple File System volumes in plain text in Disk Utility.

Apple has released a support document alongside the Supplemental Update that walks users through the process of protecting their data if macOS High Sierra is showing a password instead of a password hint on an encrypted APFS volume.

Steps include installing the new update, creating an encrypted backup of data for the affected volume, erasing the drive, reformatting to APFS, then APFS (Encrypted), and finally restoring the data that was backed up.

A separate security support document says that the update also fixes a vulnerability that could let a hacker steal the usernames and passwords of accounts stored in Keychain using a malicious third-party app.

And finally, according to the release notes accompanying the update, it also improves installer robustness, fixes a cursor graphic bug in Adobe InDesign, and resolves an issue where messages couldn't be deleted from Yahoo accounts in Mail.

macOS High Sierra introduces a new more modern file system designed for flash storage (APFS), Metal 2, Safari improvements that protect user privacy and prevent autoplay videos, and improvements to several apps like Photos, Mail, Notes, and more.

Article Link: Apple Releases macOS High Sierra 10.13 Supplemental Update With Fix for APFS Disk Utility Bug and Keychain Vulnerability
Click to expand...
????????????????????????????????????????????????????????????????????????/
I don't want to read any doc...I want clear link to the update.....is that not logical???
 
jbattan said:
My MacBook Pro 15TB has been stuck with a black screen with the rotating waiting circle while installing this Supplemental Update. Anyone else having problems with its installation? I’ve waited about 20 minutes.
Click to expand...

After about 25 minutes, I hard powered off, booted up, it did an fsck boot, and things appear fine. The Mac App Store shows the update was installed. Whew!
 
EdwinRojas said:
But does it address the new file system issue with non-compatibility with Fusion Drives?
Click to expand...

How about reading the release notes.
[doublepost=1507304014][/doublepost]
Phil in ocala said:
????????????????????????????????????????????????????????????????????????/
I don't want to read any doc...I want clear link to the update.....is that not logical???
Click to expand...

What's even more logical is that you go to the App Store and tap Updates. There is no pubic web link to download the update.
 
dickie001x said:
Why wasn't this released as 10.13.1?
Click to expand...

Not that numbering is all that important in the big scheme of things, but 10.13.1 is currently in beta test, with a different set of fixes, features, etc.

Now, you might ask, "Why didn't they release it as 10.13.0.1, rather than 10.13 (17A405)?" The short answer is, Apple does not use this numbering practice for OS X/MacOS, although they do use it for iOS. Why? I don't know. Maybe there's a memo from Steve Jobs saying that "Thou shalt not give OS X dot dot dot version numbers," but there isn't a similar one for iOS?
 
MacRumors said:



Apple today released a supplemental update to macOS High Sierra 10.13, the first update to the macOS High Sierra operating system that was released to the public in late September. The macOS High Sierra 10.13 update comes just over one week after the release of macOS High Sierra.

The new version of macOS High Sierra 10.13 is a free update for all customers who have a compatible machine. The update can be downloaded using the Software Update function in the Mac App Store.

macoshighsierra.jpg

The supplemental macOS High Sierra 10.13 update addresses a software vulnerability that could expose the passwords of encrypted Apple File System volumes in plain text in Disk Utility.

Apple has released a support document alongside the Supplemental Update that walks users through the process of protecting their data if macOS High Sierra is showing a password instead of a password hint on an encrypted APFS volume.

Steps include installing the new update, creating an encrypted backup of data for the affected volume, erasing the drive, reformatting to APFS, then APFS (Encrypted), and finally restoring the data that was backed up.

A separate security support document says that the update also fixes a vulnerability that could let a hacker steal the usernames and passwords of accounts stored in Keychain using a malicious third-party app.

And finally, according to the release notes accompanying the update, it also improves installer robustness, fixes a cursor graphic bug in Adobe InDesign, and resolves an issue where messages couldn't be deleted from Yahoo accounts in Mail.

macOS High Sierra introduces a new more modern file system designed for flash storage (APFS), Metal 2, Safari improvements that protect user privacy and prevent autoplay videos, and improvements to several apps like Photos, Mail, Notes, and more.

Article Link: Apple Releases macOS High Sierra 10.13 Supplemental Update With Fix for APFS Disk Utility Bug and Keychain Vulnerability
Click to expand...
[doublepost=1507313590][/doublepost]So with what amounted to an emergency "Supplemental Update" yesterday to address the disgusting performance issues with 10.13, I have never had to implement such an update just a couple days after release. They should have just waited until November when staff is done moving into new HQ. It's so obvious from the description posted yesterday that the Ball was dropped on this. I'm very disgusted because I basically lost a whole week of productivity not being able to operate at peak or normal conditions. I should send them an invoice. I had to postpone 2 Website Jobs because Macs were crashing 2-3 times a day. Hope this works.
 
Did anyone have the problem where the supplemental update did not appear in software update when running either the final beta version or the beta of 10.13.1.? I don’t want the keychain bug, i just can’t get the file to fix it.
 
Kashchei said:
Did anyone have the problem where the supplemental update did not appear in software update when running either the final beta version or the beta of 10.13.1.? I don’t want the keychain bug, i just can’t get the file to fix it.
Click to expand...

No, it's only available for the 10.13 public release, not the pre-release betas or the 10.13.1 beta. I'd assume the next 10.13.1 beta release will incorporate the update. I'd also assume that they wouldn't issue a patch for a pre-release beta, as they'd have to test the patch on those versions - seems a waste of effort.
 
Kashchei said:
Did anyone have the problem where the supplemental update did not appear in software update when running either the final beta version or the beta of 10.13.1.? I don’t want the keychain bug, i just can’t get the file to fix it.
Click to expand...
These are expected situations. The beta is a later version of the operating system so the supplemental update does not apply. You can assume that the next 10.13.1 beta will include these fixes if it does not already.
If you're still on the last beta of 10.13, you need to download the full installer and use that. You won't receive any non-beta updates from the beta.
 
ApfelKuchen said:
No, it's only available for the 10.13 public release, not the pre-release betas or the 10.13.1 beta. I'd assume the next 10.13.1 beta release will incorporate the update. I'd also assume that they wouldn't issue a patch for a pre-release beta, as they'd have to test the patch on those versions - seems a waste of effort.
Click to expand...
Thank you very much!
 
Merode said:
Except WinFS was going to be something much bigger than just another filesystem. It was much more esoteric. Just google it and find out. If they managed to do it, they would have been 10 years ahead of competition.

Going back to the subject, NTFS for Windows is what APFS is for macOS. It was developed long time ago and is very robust. It's Apple playing catch up here.
Click to expand...

To name a few:

Its the way its doing the data indexing. When you copy one file from one place to another on the disk, it takes 0 secs.

If the same file is present twice, it only takes the space of one copy. That's why we get tens of gigs more extra space, when migrating to this new file system. Also since APFS is block based, blocks that are not being modified of a file, will stay in its original state, which is cause for more space optimization.

It also has better encryption (dont know the encryption features of ntfs these days).
It's safer from dataloss when writing files (old data won't get released, until new data is saved ok).
 
Just had to restore my late 2013 MBP because everything was going haywire after updating from El Cap.

Random log-outs, Safari freezing and crazy overheating. I would NOT advise anyone to install this on their main machine. Got tempted to do so after seeing the keychain fix, but I'm better off with out-of-date software.
 
EdwinRojas said:
But does it address the new file system issue with non-compatibility with Fusion Drives?
Click to expand...
That will not happen until 10.13.1 which is currently in early Beta stage
[doublepost=1507367703][/doublepost]
Cougarcat said:
This bug also exists on Sierra, so I hope they release a security update for it as well.
Click to expand...
I believe this bug only applies to High Sierra. So often when a new release comes out serious bugs arise. Remember OS X Mavericks 10.9.1 with the SSL issue.
It is often worth waiting until at least the third point update to ensure stability.
 
Last edited:
Guy Clark said:
I believe this bug only applies to High Sierra. So often when a new release comes out serious bugs arise. Remember OS X Mavericks 10.9.1 with the SSL issue.
Click to expand...

What are you basing that on? I've seen others say the keychain vulnerability affects El Cap and Sierra too... it's pretty bad if Apple don't fix it for those as well if so, IMHO. As you refer to, High Sierra is only just out, not everyone either wants or is able to upgrade immediately. It would be good if Apple were more forthcoming about things like this - and at least state categorically if 10.11 and 10.12 are affected or not.

Edit: The guy who apparently reported the vulnerability to Apple ages ago reportedly says other versions of Mac OS are affected. Apple need to issue fixes for this.
 
Last edited:
  • Like
Reactions: Negritude, steve333 and Cougarcat
Porco said:
What are you basing that on? I've seen others say the keychain vulnerability affects El Cap and Sierra too... it's pretty bad if Apple don't fix it for those as well if so, IMHO. As you refer to, High Sierra is only just out, not everyone either wants or is able to upgrade immediately. It would be good if Apple were more forthcoming about things like this - and at least state categorically if 10.11 and 10.12 are affected or not.

Edit: The guy who apparently reported the vulnerability to Apple ages ago reportedly says other versions of Mac OS are affected. Apple need to issue fixes for this.
Click to expand...

Yep, Apple needs to fix this also for older versions, but unfortunately Apple seems to care less and less about those who are running older versions than the latest and greatest (and all too often the buggiest).
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back