01 December 2017
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2017.3071 Security Update 2017-001 1 December 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apple High Sierra Publisher: Apple Operating System: Mac OS Impact/Access: Root Compromise -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2017-13872 Reference: ESB-2017.3030 Original Bulletin: https://support.apple.com/kb/HT201222 Comment: Security Update 2017-001 is now available - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-11-29-2 Security Update 2017-001 Security Update 2017-001 is now available and addresses the following: Directory Utility Available for: macOS High Sierra 10.13 and macOS High Sierra 10.13.1 Not impacted: macOS Sierra 10.12.6 and earlier Impact: An attacker may be able to bypass administrator authentication without supplying the administrator's password Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation. CVE-2017-13872 Entry updated November 29, 2017 To confirm that your Mac has Security Update 2017-001: 1. Open the Terminal app, which is in the Utilities folder of your Applications folder. 2. Type "what /usr/libexec/opendirectoryd" and press Return. 3. If Security Update 2017-001 was installed successfully, you will see one of these project version numbers: opendirectoryd-483.1.5 on macOS High Sierra 10.13 opendirectoryd-483.20.7 on macOS High Sierra 10.13.1 If you require the root user account on your Mac, see https://support.apple.com/HT204012 for information on how to re-enable the root user and change the root user's password. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlofoispHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEarCRAA pbHH3yMF6yhH6uqAMVVSY3RNpV5hG3N2DCkNxNFq1be3qfbOmEs4oiYV7rGK8eGr blcaUmdZd7NVayQ5NW6ceQh3HuTBhY7/zYnidFnAGRKtQ3LTcVCwP8ayU94/NO36 E1ZQSqv6U0sQPLlyaNQ3gEko6zXp2lHcfI9l8hCCb+t8RpCAC4OUBSsqWoZIR4Gm xe7yi0NMYTvsMtN79eUz1ACbPCABHBkZqiOW8VGqSMdAMt/DgGjEJl0mjHe1jzoT DUCgXPi5N6VA5E/Y1sfx0WE+pJPBrAGK0ByLVBSPI+rP9PjYtVaJMMhYrwXdcK8G b9Q8ahalPrwD1wyob3Gtz0yFjc1b/0XmG/BkuR3DbOSAAz38bS6rG7O8UtUTbxPU Tx8CGYnadj2fPYGYPZw5kbm7Z2mqMq4nua49E4fuUDyPd1Tu5R85MgCnKs1ZvbPu /zCvWvGVJiOWVerATjkkYW3zm9RQeIs/MI3yU8eY8BOwMpSqtvsJhwaTGonP3+tL zft8eDtr9Ogu6pmo/XVmJIHfd8op9htqB5Pa9iiwnvmf9avuxuqRrg7C6jSRodkt LoCzBrvabpdVKf8RwtPTmdoa0PGURBPSpGqcv4qojPo6Llj4G1z9Fy52kU4o4JHC l59EGKk1652UKaQ+lE6X/Zl5wZ9Pv7/Gkftg1BFwtr4= =qhqE - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to email@example.com and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: firstname.lastname@example.org Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWiC+zox+lLeg9Ub1AQjaiw//UK2kOdmE4jTDVSXely6s1xIvhcm7tJVt tee5izmG8JyDT9FPkWiVkJrDxjmHLEFKPAfY5TsfcOdPz6SVSg0EbdyTfuQRLbik 67KRxL7qLXLbLsQFqUSr3Auc5NDCEmag8kVAt1wCTbDBxLLX+zXn2JUcinHMH8Go vUS6SMM/BVOqTiklsbvKB1tEGyJtxbTrvibbV4wIp5OY5NnAF7c7gBtdzaDn+flx vwbpK8IIOeQgqZMQWJWk5oe2A3xDdAzZipmNHXBlBWMqTWsv8fHbaYMuUicqWlH5 IQTePdqiOlEdZnV4v9skg2tRcAm5HGPXzjBL6bDgReh1d+J5FXp3h0r7kAtrtgGM bBxLYENCtC9E5bI7M9liWYJj4YpfwlF5V8N9rUwtznD/S70epwGl7Jk3mbzfXZ3j FGhDr92LixhK0rbPNaZ1xpqwl8VkHLW4b0pmXvxdKH6pVwgJaE66RmiFwBNnFoRU 3OcgmUQ2SmM0yJWf1QjOnsrCUTLxCeMRmAy9u/2CpyjFcj5/z3T4boVXFSIo4oPf t3QERCodBs+JUb2zUE2NVAPm1Jgx5wQJz79tK21n1Ja9aoqTF4duS7xhwQYDKEGG YCcl3uZM3wfStyJSpHp9epCHzgdok4ytH3K9sYcquX3KXoB3oW+/J/js6vJZbPYe 417jqC30HUo= =MUhn -----END PGP SIGNATURE-----