MacOS High Sierra Bug Creates a Major Security Threat


MacOS High Sierra users were on high alert after a “huge security issue” was recently discovered.

On November 28, Turkish software developer Lemi Orhan Ergin posted on Twitter that he found a fatal flaw that severely compromised security. According to him, the glitch allowed unauthorised access to Mac computers, which can seriously compromise a user’s data assets.

If anyone within your organisation currently uses High Sierra, you’ll want to know the full implications and follow some critical steps to immediately resolve the situation.

The Details

What’s disturbing about this bug is just how easily it can be exploited. Anyone can bypass a computer’s locked settings by simply entering the word “root” as the username and skipping the password.

Just like that, an attacker can unlock the computer and have full access to all of its features and information. They can also turn off integral security features such as encryption as well as the firewall.

From there, they can take control and use the computer and the data on it for whatever purpose they like.

What’s really scary is that a cyber criminal doesn’t necessarily need to have physical access to a Mac in order to carry out an attack. In some cases, they may be able to access it remotely if screen sharing has been enabled.

Note that this bug doesn’t impact any of the older operating systems like the original Sierra, El Capitan, etc. It’s limited exclusively to High Sierra, which was released on September 25.

Implications of the Threat

Needless to say, there can be some devastating consequences if an attacker is able to gain unauthorised access to even one of your company’s computers.

One of the biggest issues that can arise is the unauthorised disclosure of information. This could include the leaking of sensitive customer/employee data, proprietary information or even trade secrets.

Cyber criminals can exploit this information in a variety of ways, which can lead to a loss of productivity, profitability and even brand equity. In a worst-case scenario, a business may even have to close its doors.

In fact, 60 percent of all companies end up going out of business within six months of a cyber attack.

Apple’s Response

Apple quickly acknowledged the issue and released the following statement:

“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS. We greatly regret this error and we apologise to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”

Their developers rushed to come up with up a software patch, which came out roughly 18 hours after the bug being initially reported.

However, the patch wasn’t without issue. WIRED reports that the patch had a serious glitch of its own.

According to them, “Those who had not yet upgraded their operating system from the original version of High Sierra, 10.13.0, to the most recent version, 10.13.1, but had downloaded the patch, say the ‘root’ bug reappears when they install the most recent macOS system update.”

On top of that, some users will still have the problem until they reboot their computer (though Apple provided no warning that a reboot was required).

Although Apple was swift in its response and took full responsibility for the bug, the software patch didn’t immediately resolve the problem for all users, making the collective frustration and concern of Mac users understandable.


Ensuring You’re Safe

Just to be clear, you should do the following if any of your organisation’s computers were affected.

  1. Update to the newest version of High Sierra
  2. Re-install the security fix
  3. Reboot your computer

Note that rebooting is essential, or you’ll still be at risk.

Tips for Maintaining a Secure Environment

The High Sierra bug is a stark reminder that there is no perfect software. Even though Apple places a strong emphasis on security and has some of the most talented developers on the planet, there are never any guarantees that software is completely flawless.

Therefore, you need to do everything within your power to maintain a secure environment at all times.

This usually starts with implementing a policy that specifically addresses access control. For instance, you might mandate that your employees use strong passwords for unlocking their computers and that they update those passwords routinely.

You may also require your staff to install new software patches to keep their operating systems running smoothly and securely.

Using a Firewall

You can also mitigate your risks and prevent unauthorised access by using a quality firewall. This tightens the reins of access and greatly reduces the chances of unintended third-parties gaining control to your organisation’s data assets.

Modern firewall solutions are more robust than ever and can provide you with advanced security for a variety of applications including email, video and multimedia programs.

Ideally, you’ll use a hardware-based firewall rather than software-based because it will protect all of the computers on your network simultaneously. It’s also very flexible and scalable, which is important when you’ve got a growing company.

BYOD Concerns

Another key area you need to address is mobile security.

With Cybersecurity Ventures predicting that Wi-Fi and mobile devices will account for roughly 80 percent of all IP traffic by 2025, it’s crucial that your employees follow mobile security best practices.

This is especially vital if you have a BYOD-based culture where employees are using their own personal devices for work purposes. The inherent portability of mobile devices makes them especially prone to theft, which can create some real security headaches.


Some ways to reduce BYOD risks include:

  • Using secure access controls
  • Requiring employees to only connect to trusted networks
  • Turning off Wi-Fi and Bluetooth when not in use
  • Never storing financial data on a mobile device
  • Subscribing to a device locator service so that it can be tracked if it ever goes missing
  • Using data erasure services so that information can be wiped clean if needed

Even if theft does occur, you’ll have a quick plan of action and can minimise the damage.

Avoiding Phishing Attacks

Another common way that cyber criminals gain access to sensitive information is through phishing attacks. In fact, 91 percent of all attacks originate with phishing emails, and they increased by a staggering 65 percent between 2015 and 2016.

What’s scary is just how sophisticated they’ve become. Even individuals who understand the fundamentals of phishing emails often struggle to determine the difference between one that’s bogus and one that’s legitimate.

Recent research even found that a whopping 97 percent of people are unable to identify a sophisticated phishing email, which can really put your organisation at risk. Many of these emails use elements of psychological persuasion where they impersonate a person or an organisation of high authority and urge immediate action.

So it’s easy to see why even the best and brightest get fooled from time to time.

That’s why it’s vital to properly educate your staff on the right way handle emails.

This begins with instructing them not to open untrusted attachments or click on questionable links and to be incredibly careful about the information they choose to share. For instance, they shouldn’t provide password information, financial data or personal information.

Often phishing emails will ask a recipient to log onto a company website by clicking on a link within the email in order to update their account settings. But this is a trap that can be avoided by simply visiting the official site. To do so, either type in the URL or click on a trusted bookmark.

You may even want your employees to take part in an anti-phishing training program to ensure that they’re equipped with the knowledge to avoid even the most sophisticated of attacks.

A Clear Reminder

The MacOS High Sierra bug is a reminder of just how fragile security can be and that human error is an omnipresent factor.

If expert developers at Apple could make such a glaring mistake with their coding, just imagine all of the other potential issues that could jeopardise your company’s cyber security.

It also shows that you should never get lulled into a false sense of security and think that your organisation is immune to an attack. Instead, you should remain diligent and be proactive about continually securing your network and data assets.

When it’s all said and done, it’s about building an internal security culture that’s able to adapt and evolve in order to stay ahead of cyber criminals in this never-ending game of cat and mouse.

Was anyone in your company impacted by the High Sierra Bug? If so, please let us know about your experience:


Image Credits

Featured image: felipernaass / Pixabay

In-post image 1: StockSnap / Pixabay

In-post image 2: FirmBee / Pixabay





Ajay Unni

Ajay Unni is the Founder and Chief Executive Officer of Stickman. Ajay specialises in helping customers manage the growing threat of data breaches and compliance with globally accepted industry standards for data security and compliance. More articles by Ajay Unni

Take charge of your cybersecurity today, with Stickman.

Get in Touch