The latest version of Apple MacOS (High Sierra 10.13.1) has a vulnerability which may allow any person to physically log in to the computer with administrator privileges.
Apple has gotten on top of the issue, releasing a patch to fix the vulnerability. It was released initially as a manual download, but Apple is also rolling it out as an automatic update today. We recommend you check to see if the update is installed on any Macs running High Sierra 10.13.1. If it isn’t, download and install it manually. This patch doesn’t require a restart, so you can install it even if you’re in the middle of something.
- Open the Mac App Store.
- Go to “Updates”.
- If the patch is installed, it will be listed in “Last 30 Days” updates as “Security Update 2017-001”.
Even if your colleagues don’t use Macs, you might want to share this with them in case they’ve got a Mac at home. It’s not a run-about-and-panic problem, but it’s an important one to get on top of.