Update for MacOS brings back bugs

Apple's latest bug fix for High Sierra could do more damage than good

Apple's Mac OS has been plagued with bugs recently, but experts believe that an update that supposedly eradicates problems actually brings them back.

Last week, Apple confirmed that its High Sierra operating system was exposed to a bug that meant anyone could access highly secure computers by hitting a few keys.

A crook just had to type in the user name "root" with no password, and then they'd get full access to locked settings and content.

Of course, the company took the severity of the situation seriously, finding and deploying a bug within a day. However, it may do more damage than good.

According to Wired, when some users have installed MacOS 10.13.1, they've complained of scenarios where the bug has reinstalled itself.

And there are many people out who may not be aware of the the severity of the issue. In most cases, the update downloads automatically, so users may not know that their PC is still flawed.

This means that criminals with relatively little technical and hacking experience can compromise Mac systems. Apple has said users may need to restart their systems.

"If you recently updated from macOS High Sierra 10.13 to 10.13.1, reboot your Mac to make sure the Security Update is applied properly," recommended the firm.

Chris Day, chief cyber security officer at Cyxtera, explained that the bug means almost anyone can take control of Mac systems.

"Apple just issued a patch for the macOS High Sierra Bug that was revealed on Tuesday. The bug enabled anyone to login to a system as the "root" superuser with an empty password field and a view clicks. Root privileges provide the deepest level of access," he said.

"If an adversary were to exploit this bug, they could login as the owner of the computer and take full control of all functions, like adding administrators, changing critical settings, locking out the current owner, and so on."

He added: "While it's good that a patch is now available, it is an old way to approach the larger issue of network security. A patch, which may or may not be applied in a timely way, is reactive. We need more proactive tools for protecting networks from illegitimate users.

"A software defined perimeter approach is gaining momentum because it uses a ‘least privileged' approach to granting network access."