Apple Releases Emergency macOS High Sierra Update

Last Updated: 01/01/2018

Security Notice Level

SEVERE

Apple has released an emergency update for a macOS High Sierra (10.13) vulnerability that allows an attacker to take control of a system without credentials. This may be exposed remotely depending on the system configuration.

Affected Software

macOS High Sierra (10.13)
macOS Sierra (10.12.6) and earlier is not affected

Security Bulletin Name

Apple - Security Update 2017-001
US Cert - Vulnerability Note VU#113765

Additional Information

Additional information about this vulnerability can be viewed at:

https://support.apple.com/en-us/HT208315
http://www.kb.cert.org/vuls/id/113765

If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or help@colorado.edu.

Important definitions for this notice:
Urgent: severity represents a broad threat to the entire campus community including remotely exploitable administrator or root type attacks.
Severe: severity includes worms & web or email based exploits.
Important: severity includes viruses and local exploits for commonly used services.