Apple Releases macOS High Sierra 10.13 Supplemental Update With Fix for APFS Disk Utility Bug and Keychain Vulnerability

[Cougarcat]

Yep, Apple needs to fix this also for older versions, but unfortunately Apple seems to care less and less about those who are running older versions than the latest and greatest (and all too often the buggiest).

Looks like they’re working on it: https://forums.macrumors.com/threads/security-update-developer-beta-2017-001.2074802/

 

[Roadstar]

Looks like they’re working on it: https://forums.macrumors.com/threads/security-update-developer-beta-2017-001.2074802/

Great, they’re doing the right thing.

 

[allanfries]

Still experiencing the slow boot up/restart speeds after this update. Resetting the SMC and NVRAM hasn't fixed this. Hoping this is something that will correct itself with future updates. Other than this High Sierra has been a pleasure thus far.

 

[morsemoose]

Speaking of passwords <weak segway> HS installer forced me to change my password so that it is different to my iCloud account. Yesterday macOS changed the login password back out of the blue - login and iCloud now have the same password.

Anyone else have this worrying problem? My disk isn't file-vaulted but if it is then everything could be at risk if passwords are changing themselves.

I've reported filed a bug report to la pomme.

Same exact issue here. After installing the update, I couldn't log in with the password I created after that prompt following the initial installation of High Sierra. Eventually was able to log in with my previous password. Concerning to say the least...

 

[dolphin842]

Still experiencing the slow boot up/restart speeds after this update. Resetting the SMC and NVRAM hasn't fixed this. Hoping this is something that will correct itself with future updates. Other than this High Sierra has been a pleasure thus far.

Did you encrypt the APFS volume before installing 10.13? If you unencrypt the drive and then reencrypt via the FileVault prefpane, boot times should improve dramatically.

 

[stevenzli]

For some reason my login keychain went missing after installing this update - took me a few days to realize. Can someone confirm if this is only me or affecting others too?

 

[dolphin842]

My login keychain was intact, but all the Login Items that open on startup were gone... had to add them manually.

 

[allanfries]

Did you encrypt the APFS volume before installing 10.13? If you unencrypt the drive and then reencrypt via the FileVault prefpane, boot times should improve dramatically.

Didn't do anything but let it install, so No. Unless encryption turns on by default??

 

[dolphin842]

Didn't do anything but let it install, so No. Unless encryption turns on by default??

No encryption by default, so if you didn't manually encrypt the drive in Disk Utility before installing, then this particular issue isn't the source of the slow boot.

 

[Porco]

Looks like they’re working on it: https://forums.macrumors.com/threads/security-update-developer-beta-2017-001.2074802/

Unfortunately this didn't appear to include a fix for the keychain bug, from what I can tell (though it did fix a lot of other stuff):
https://support.apple.com/en-gb/HT208221
It would be good if Apple fixed this specifically, or at least told us why they're not (if something else fixed it, for example).

 

[chrfr]

Unfortunately this didn't appear to include a fix for the keychain bug, from what I can tell (though it did fix a lot of other stuff):
https://support.apple.com/en-gb/HT208221
It would be good if Apple fixed this specifically, or at least told us why they're not (if something else fixed it, for example).

The keychain vulnerability was fixed in the 10.13 supplemental update, which is the topic of this thread and predates the 10.13.1 update. Because it was already fixed, you don’t see it mentioned in the 10.13.1 update notes.
Supplemental update security notes are here: https://support.apple.com/HT208165

 

[Porco]

The keychain vulnerability was fixed in the 10.13 supplemental update, which is the topic of this thread and predates the 10.13.1 update. Because it was already fixed, you don’t see it mentioned in the 10.13.1 update notes.
Supplemental update security notes are here: https://support.apple.com/HT208165

Sorry, we were discussing it needing to be fixed in Sierra and El Capitan (I can see how that isn’t immediately obvious in my last post if you didn’t follow back the quotes).

I know it’s fixed already in High Sierra. That’s kind of my point - why hasn’t it been in the earlier OS versions in today’s big security update if they are affected too?

 

[chrfr]

Sorry, we were discussing it needing to be fixed in Sierra and El Capitan (I can see how that isn’t immediately obvious in my last post if you didn’t follow back the quotes).

I know it’s fixed already in High Sierra. That’s kind of my point - why hasn’t it been in the earlier OS versions in today’s big security update if they are affected too?

Apple often hasn’t fixed important security vulnerabilities in operating systems older than the current one. The “Broadpwn” vulnerability was only patched when 10.12.6 was released but not in the corresponding 10.10.5 and 10.11.6 security updates released at the same time. If you’re concerned about security, the only way to do it with Apple is to stay current.

 

[Porco]

Apple often hasn’t fixed important security vulnerabilities in operating systems older than the current one. The “Broadpwn” vulnerability was only patched when 10.12.6 was released but not in the corresponding 10.10.5 and 10.11.6 security updates released at the same time. If you’re concerned about security, the only way to do it with Apple is to stay current.

I understand, but it just seems perverse to leave out a fix for a bug so serious High Sierra got a special patch for it, whilst fixing a long list of other things.