Security Update 11-29-2017

Craig Treleaven ctreleaven at cogeco.ca
Thu Nov 30 16:11:53 UTC 2017


Thanks for the report, but could you clarify?  Are the crashes with an 10.13.1 host that has the Security Update applied?  Or an Updated 10.13.1 guest?  Are you saying that you were using dscl from the command line or that Parallels was calling it and crashing?

I presume this is under Parallels Desktop 13?  I have 13.2.0 (43213).

Craig

> On Nov 30, 2017, at 11:01 AM, S. L. Garwood <slgarwood at icloud.com> wrote:
> 
> Watch out for the update … it caused me some issues with Parallels Desktop. I got repeated crashes in dscl - the command line directory services utility. Apple must have plugged some thing Parallels was using. VMWare and VirtualBox are fine.
> 
>> 
>> Date: Wed, 29 Nov 2017 20:51:32 +0000
>> From: Chris Jones <jonesc at hep.phy.cam.ac.uk>
>> To: Ryan Schmidt <ryandesign at macports.org>
>> Cc: MacPorts Users <macports-users at lists.macports.org>
>> Subject: Re: High Sierra security advisory: set your root account
>> 	password
>> Message-ID: <01D969C9-5347-46FC-94AD-08B134033EF2 at hep.phy.cam.ac.uk>
>> Content-Type: text/plain; charset="utf-8"
>> 
>> Hi,
>> 
>> A security patch is now available, so the work around is no long needed. See
>> 
>> https://support.apple.com/en-gb/HT208315
>> 
>> Chris
>> 
>>> On 29 Nov 2017, at 12:42 am, Ryan Schmidt <ryandesign at macports.org> wrote:
>>> 
>>> A vulnerability was discovered in macOS High Sierra (10.13, 10.13.1, 10.13.2 beta) today that allows an attacker to gain root access to your system if your root account is disabled and has no password set (which is the default). If you are running High Sierra, please mitigate this attack by enabling your root account and setting a strong password for it.
>>> 
>>> https://support.apple.com/en-us/HT204012
>>> 
>>> https://www.macrumors.com/2017/11/28/macos-high-sierra-bug-admin-access/
>>> 



More information about the macports-users mailing list