If you have a Mac computer running MacOS High Sierra, you need to update your software right away. Otherwise, you risk letting strangers gain access to your computer with very little effort.
Known as the MacOS High Sierra “root bug,” this security hole affecting machines running High Sierra allows anyone to change security settings on your machine by simply typing the word “root” into the username field and hitting “return” twice. It was brought to light Tuesday by software developer Lemi Orhan Ergan and his coworkers.
As of Wednesday morning, a software update that fixes this bug is available for download and does not require users to restart their computers. To download the update, simply open your App Store and click the “updates” icon at the top of the window. You should then see a prompt to download the update.
The severity of this bug has led to criticism from the cybersecurity and software development communities about Apple’s unwillingness to implement a “bug bounty” program for macOS. Theoretically, that sort of program would allow experts to discover bugs before Apple releases major software updates.