Update 11/30: Apple has issued a new version of the update with the same version number that appears to fix the File Sharing authentication issue caused by the initial fix.
Following the discovery of a major security vulnerability yesterday, Apple this morning quickly released an update for macOS to address the problem. While the update does solve the critical hole, another issue has since appeared, related to file sharing…
In a support document published today, Apple explained that some users are experiencing issues authenticating and connecting when it comes to file shares on their Mac. The issue first started following the release of this morning’s critical security update and only affects macOS High Sierra 10.13.1.
On the support page, Apple outlines a fix for the file sharing issue that involves using Terminal:
Ultimately, as some have pointed out, this bug is a small price to pay for Apple’s quick turnaround time in fixing the serious “root” security hole. The file share problems should not be a reason to avoid installing today’s update either, especially with the above fix.
- Open the Terminal app, which is in the Utilities folder of your Applications folder.
- Type sudo /usr/libexec/configureLocalKDC and press Return.
- Enter your administrator password and press Return.
- Quit the Terminal app.
Of course, the ideal solution would be that the problem never made it to a final release of macOS in the first place, but that’s besides the point. We outlined the major security flaw yesterday, explaining that the hole allowed anyone with physical access to access and change personal files on your Mac. Apple has apologized for the oversight and we highly recommend you update immediately, no restart required.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.