Apple has identified a vulnerability within OS X High Sierra that allows unauthorized users access to a computer without inputting a password. This issue was already mitigated on all ITS managed Mac devices.
What do you need to do?
Verify that you are using OS X High Sierra: Click the Apple menu, select About This Mac, and confirm that it lists High Sierra. If it does not, you do not need to take any further action; all other versions of OS X are not affected.
Whether you are on an ITS-managed or your personal Mac, if you have High Sierra, ITS strongly recommends that you immediately update your computer with Apple’s Security Update 2017-001. To do so, click the Apple menu and select App Store:
Once the App Store opens on your computer, click Updates at the top of your window, find Security Update 2017-001, and then install the software. Apple’s website includes additional instructions if needed.
Apple has communicated that the security update will be installed automatically throughout the day today on all Macs running High Sierra 10.13.1. If you do not see the update, it is possible that it was already installed for you. To confirm your machine has been updated, click the Apple menu, select About This Mac, click on Version 10.13.1 and confirm it lists 17B1002.
