Very serious macOS bug in “High Sierra”, version 10.13.0 or 10.13.1

There is a very serious macOS bug which you should fix immediately.


for step-by-step details.


Below is a message that was written for users in the Department of Cell & Systems Biology (thank you to Ryan MacDonald).

An extremely serious flaw in the latest version of Mac OS was publicized today. If you have a Mac running “High Sierra”, version 10.13.0 or 10.13.1, your computer is vulnerable. Please follow the steps below to protect your data.

“High Sierra” was released in September. Any new Mac purchased in the past two months has it. Previous versions of Mac OS, including “Sierra”, are not known to be affected. You can confirm which version you have by clicking the Apple menu / About This Mac.

Apple will certainly issue a patch in the next day or two, but until then we strongly recommend taking the following mitigating steps. This changes your machine’s root (master) password from blank to something you know. If you wish you can use the same as the password you use on your own account.


– Run the built-in Terminal app. It is in the Applications / Utilities folder, or search for Terminal using Spotlight.

– A terminal window will appear with a prompt, such as:
Somebody’s iMac:~ jonyappleseed$

– Into this window, type or paste:
sudo passwd root

– At the Password: prompt, enter your regular account password. No characters will be displayed as you type.

– Next you will be asked to enter a new password, and then to confirm it:
Changing password for root.
New password:
Retype new password:

– If this completes without error, you can close the Terminal program and relax. If it fails for any reason, repeat the steps. Note that the password you are creating won’t be needed to use the machine, it is only there to protect your computer from local and remote attack.

Over the next couple of days, check your computer’s App Store / Updates page for a proper fix from Apple.


Contact us if you have questions or need assistance with the steps above.