briandear|8 years ago
How?
Installing a Mac OS update could be considered a security risk? That makes little sense since the security risks you're alluding to were solved by updates. 10.13.2 partially fixed the Intel problem in December and 10.13.3 will have more fixes. If you were still running 10.13.1, you'd have both the root login bug and the Intel security issues.
If you were still running Sierra, keeping Sierra updated results in solving the following security issues: https://support.apple.com/en-us/HT207483
The Mac OS version out right now is more secure than the previous minor or major version. There really isn't any credible evidence to the contrary.
It's irresponsible to not update your system. I understand not moving up to a new version of an OS because of compatibility issues (i.e. audio interfaces often are sluggish to update, libraries you need might not work, etc.), but not updating because of security fears -- that's just ridiculous. 10.13.3 is more secure than 10.12.2.
Also, in order to "exploit" the reported bug, you would have to already be signed into the computer AS AN ADMIN. Which means that you could already change the updating behavior. So unless you are sharing your admin login/account with non-admin users, the risk you cite is pretty trivial.
If you are in a higher risk computing environment, it would be logical that you would sign out of your account after you've finished using the system -- you would essentially have to provide an unauthorized person access to your Mac while you were signed in before this would be an actual threat. That doesn't make the bug less "real," but it does make the real-world security ramifications much less dire than being implied.
jaclaz|8 years ago
So, the most that can realistically happen is that if you leave your Mac unattended while logged in as Admin, a co-worker or friend might get in and install some app to play a prank on you.
I mean, unless somehow a malicious app has been approved on the Apple store and is available to download through the changed setting (and the "evil" co-worker/friend knows about it), but still the base security risk remains leaving the device unattended and making it physically accessible by someone else while still logged in as Admin.