CUPERTINO, Calif. — Apple released a security update Wednesday to fix a major bug that allowed anyone to bypass security protocols and act as a computer’s administrator.
“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS,” a spokesman for Apple said in a statement.
“When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole.”
The security issue impacted macOS High Sierra 10.13.1. Apple said the update is now available for download and will be rolled out automatically to all systems running the affected software.
On Tuesday, developers noticed someone with access to a Mac computer running Apple’s most recent Mac software could type “root” and no password in the Users & Groups section of System Preferences and gain administrator-level access to the computer.
That meant a person could download malicious software or otherwise compromise the computer.
Exploiting the bug required physical access to the computer, unless a user had enabled Remote Desktop.
To update your computer, visit the App Store on your Mac and click “Updates” in the toolbar at the top of the window.
“We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused,” the Apple spokesman said.
“Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”AlertMe