Date: Dec. 1, 2017
A critical vulnerability was discovered on the MacOS ‘High Sierra’ 10.13.x on Nov 28. The vulnerability makes it possible to login with admin privileges without entering a password.
If you have a MacOS computer:
- confirm that you are running High Sierra. If not, your computer is not vulnerable and there is no need to update. If your computer is running High Sierra, follow the next step.
- install the available update from Apple, or ensure your computer is configured to automatically update. You can check the install has occurred by opening the App Store app, select Updates, and check to make sure there are no outstanding updates.
Other Remediation Actions
Some MacOS computers are configured to accept remote access attempts via the VNC protocol. With the existing vulnerability, remote unauthenticated access is possible so, as a temporary measure, the inbound VNC TCP port 5900 has been blocked at the University’s Internet gateway.