What Apple has fixed
High Sierra got off to a shaky start with some serious bugs, but the good news is that Apple has been on the case…
You’ve probably read all about the flaws in the earliest versions of High Sierra. Some were a good deal more serious than the usual minor bugs that crop up in any operating system release, but Apple has worked to address them in successive updates. This applies even to issues that weren’t its fault, such as the so-called Spectre and Meltdown chip vulnerabilities – fundamental design flaws in processors, including (but not limited to) the Intel processors used in Macs. Apple included ‘mitigations’ for these in 10.13.2 and newer.
The earliest reported problem was a flaw in keychain services, which meant that malicious code could steal the contents of your keychain, including critical passwords. The second was a bug that affected encrypted APFS volumes, APFS being the Apple File System, introduced in High Sierra and applied automatically to your startup disk if it’s an SSD (though that specific volume is only optionally encrypted). When such a volume was mounted and you were prompted for its password, the password itself was displayed, in plain text, instead of your password hint. Both of these (and other bugs) were fixed in updates – see bit.ly/hs-suppupdate and bit.ly/hs-password-fix.
A grass-roots issue
The ‘root user’ vulnerability enabled anyone to gain administrative access to your Mac simply by logging in with the username ‘root’ and leaving the password blank. Apple fixed this in Security Update 2017-001. Ironically, installing the first release of this update could itself disable macOS’s File Sharing feature. Apple issued a separate support note with instructions on how to get it working again: bit.ly/repair-fileshare. A revised update is now available, but you won’t need it if you’ve updated to 10.13.3 (or later), as this version includes both fixes.
Our best advice is to keep up with the latest macOS updates and install them at once. It’s true that updates often break something else, and we’d normally suggest holding back a week or so, and checking online forums to find out what issues – and what fixes – early adopters have found. It’s your choice, but with such serious vulnerabilities having been discovered in High Sierra already, we recommend keeping it up to date. Make frequent backups and you’ll have the option of stepping back if an update causes you problems – remember that Time Machine paired with macOS Recovery provides the option of rolling back your system to an earlier version.
To check for updates, Go to the Mac App Store’s Updates tab. Note, however, that some critical security fixes are released as automatic updates. By default, your Mac checks for these fixes daily, and when an automatic security update is available, it installs automatically and displays a notification to tell you so. You therefore won’t see those updates in this tab.
To ensure you get these fixes, open System Preferences’ App Store pane and make sure these three options are enabled: ‘Automatically check for updates’, ‘Download newly available updates in the background’, and ‘Install system data files and security updates’.
We’d normally suggest holding back to find out what issues early adopters find, but based on past issues, we suggest updating High Sierra quickly