Apple's attempts to fix a bug in its macOS operating system that allowed a user to log in as root without a password appear to have turned into a comedy of errors.
A blog post by security firm Malwarebytes said that the first fix issued to fix the problem resulted in file-sharing being turned off. This fix was named Security Update 2017-001.
Given the severity of the original bug, the update was pushed out automatically for both macOS 10.13.0 and 10.13.1.
Apple then released a technical explanation about the file-sharing issue and re-issued a fix, again labelled Security Update 2017-001.
{loadposition sam08}"Yup, that’s a second Security Update 2017-001, not Security Update 2017-002. Thus, people who had already installed Security Update 2017-001 found themselves wondering why they had to install it again," said Malwarebytes researcher Thomas Reed.
"Fortunately, again, the update was automatic. So if you didn’t do it manually, your confusion wasn’t going to keep you from getting the update."
But the confusion did not end there. The security update could be applied to both 10.13.0 and 10.13.1. But anyone who had the patch applied to 10.13.0 and then updated to 10.13.1 found that the first bug — allowing root access without a password — surfaced again.
Anyone who assumed that since the patch existed for 10.13.1 too, it would be applied automatically again, was in for a nasty surprise, Reed said.
Even if that took place, users were still vulnerable to the original bug unless they restarted their machines.
"Since the update doesn’t require a restart, and since many Mac users can be rather averse to restarting, this means that people upgrading from 10.13.0 to 10.13.1 could easily end up being vulnerable to this bug for weeks or months, until they next decide to restart," Reed said.
He said over the weekend, Apple released a fix and added a mention of the problem to their notes on Security Update 2017-001.
"Rather than releasing yet another iteration of Security Update 2017-001, Apple added a fix to the MRT application. MRT, which stands for Malware Removal Tool, is not something Apple talks about, and little is known about exactly how it works," Reed noted.
"If you’re wondering why Apple would release a fix for this bug in MRT, that’s an excellent question. It doesn’t seem to make much sense and feels a bit like a hack to me. My guess is that MRT was something that could be easily and quietly updated, so that’s what they did."