MacOS High Sierra 10.13.2 Update Released with Bug Fixes

Dec 6, 2017 - 34 Comments

macOS High Sierra 10.13.2

Apple has released macOS High Sierra 10.13.2 for the general public. The software update includes multiple bug fixes and is said to improve the stability, security, and compatibility of High Sierra, and is thus recommended for Mac users running High Sierra to update to.

Separately, MacOS Sierra and Mac OS X El Capitan users will find Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan available for their respective operating system releases. Those security updates are also recommended to install for Mac users running 10.12.6 and 10.11.6.

Specific issues mentioned in the release notes for MacOS High Sierra 10.13.2 include improvements for certain USB audio devices, VoiceOver Navigation for PDF files in Preview, and improving Braille displays with Mail app. Presumably the 10.13.2 final update also includes a permanent fix to the root login bug and networking bug that surfaced in prior versions of MacOS High Sierra.

How to Download and Update macOS High Sierra 10.13.2

Always back up a Mac before installing any system software update, the easiest way to do that is with Time Machine on a Mac.

  1. Pull down the  Apple menu and choose “App Store”
  2. Go to the “Updates” tab and choose to download and update “macOS 10.13.2 Update”

MacOS High Sierra 10.13.2 update

The High Sierra system software update is labeled with the update label “macOS 10.13.2 Update 10.13.2” in the Mac App Store.

Security Updates for macOS Sierra and Mac OS X El Capitan

Mac users running Sierra and El Capitan will instead find the “Security Update 2017-002 Sierra” and “Security Update 2017-005 El Capitan” available in the Updates section of the Mac App Store.

Though security updates are small, it’s still recommended to backup a Mac before installing them.

Security Update for macOS Sierra and El capitan

Mac users can also choose to download the macOS High Sierra Combo Update or regular update, as well as the individual security update packages, from here at Apple Support downloads. Using a Combo Update for updating Mac OS system software is easy but generally considered more advanced, and can be particularly beneficial for users installing the same update on multiple computers, or who are coming from an earlier version of the same system software release (i.e. 10.13.0 directly to 10.13.2).

MacOS High Sierra 10.13.2 Release Notes

Release notes accompanying the App Store download are brief, mentioning the following:

This update is recommended for all macOS High Sierra users.

The macOS High Sierra 10.13.2 Update improves the security, stability, and compatibility of your Mac, and is recommended for all users.

This update:

• Improves compatibility with certain third-party USB audio devices.

• Improves VoiceOver navigation when viewing PDF documents in Preview.

• Improves compatibility of Braille displays with Mail.

Enterprise content:

• Improves performance when using credentials stored in the keychain to access SharePoint websites that use NTLM authentication.

• Resolves an issue that prevented the Mac App Store and other processes invoked by Launch Daemons from working on networks that use proxy information defined in a PAC file.

• If you change your Active Directory user password outside of Users & Groups preferences, the new password can now be used to unlock your FileVault volume (previously, only the old password would unlock the volume).

• Improves compatibility with SMB home directories when the share point contains a dollar sign in its name.

Security Notes for macOS 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan

Multiple security relates patches and bug fixes have also been included for the software updates, according to security notes from Apple:

macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan

Released December 6, 2017

apache
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted Apache configuration directive may result in the disclosure of process memory
Description: Multiple issues were addressed by updating to version 2.4.28.
CVE-2017-9798

curl
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Malicious FTP servers may be able to cause the client to read out-of-bounds memory
Description: An out-of-bounds read issue existed in the FTP PWD response parsing. This issue was addressed with improved bounds checking.
CVE-2017-1000254: Max Dymond

Directory Utility
Available for: macOS High Sierra 10.13 and macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier 
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
CVE-2017-13872

Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13883: an anonymous researcher

Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.
CVE-2017-13878: Ian Beer of Google Project Zero

Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2017-13875: Ian Beer of Google Project Zero

IOAcceleratorFamily
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13844: found by IMF developed by HyungSeok Han (daramg.gift) of SoftSec, KAIST (softsec.kaist.ac.kr)

IOKit
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An input validation issue existed in the kernel. This issue was addressed through improved input validation.
CVE-2017-13848: Alex Plaskett of MWR InfoSecurity
CVE-2017-13858: an anonymous researcher

IOKit
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: Multiple memory corruption issues were addressed through improved state management.
CVE-2017-13847: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13862: Apple

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-13833: Brandon Azad

Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13876: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A type confusion issue was addressed with improved memory handling.
CVE-2017-13855: Jann Horn of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13867: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13865: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13868: Brandon Azad
CVE-2017-13869: Jann Horn of Google Project Zero

Mail
Available for: macOS High Sierra 10.13.1
Impact: A S/MIME encrypted email may be inadvertently sent unencrypted if the receiver’s S/MIME certificate is not installed
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2017-13871: an anonymous researcher

Mail Drafts
Available for: macOS High Sierra 10.13.1
Impact: An attacker with a privileged network position may be able to intercept mail
Description: An encryption issue existed with S/MIME credetials. The issue was addressed with additional checks and user control.
CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH

OpenSSL
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read issue existed in X.509 IPAddressFamily parsing. This issue was addressed with improved bounds checking.
CVE-2017-3735: found by OSS-Fuzz

Screen Sharing Server
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6
Impact: A user with screen sharing access may be able to access any file readable by root
Description: A permissions issue existed in the handling of screen sharing sessions. This issue was addressed with improved permissions handling.
CVE-2017-13826: Trevor Jacques of Toronto

Separately, Apple Watch and Apple TV users will find watchOS 4.2 and tvOS 11.2 available as updates, and iPhone and iPad users can download iOS 11.2.

Enjoy this tip? Subscribe to the OSXDaily newsletter to get more of our great Apple tips, tricks, and important news delivered to your inbox! Enter your email address below:

Related articles:

Posted by: Paul Horowitz in Mac OS X, News

34 Comments

» Comments RSS Feed

  1. mcpack says:

    so do we continue to wait to update to High Sierra? Do you think they’ve fixed this buggy release?

    • No thanks says:

      I have no intention on updating to High Sierra anytime soon.

      Whether or not you update to High Sierra is entirely up to you. But ask yourself, what is the benefit? What do you gain? What are the big new critical features in High Sierra that you are missing right now? What is the potential loss of having downtime? What is the potential nuisance of having incompatible software/hardware? Do you mind spending a day having to reformat and downgrade if it ends up being a mess? What is stability worth to you? Is your current MacOS setup desperately in need of an update to a “new” version which offers plenty of potential things to go wrong and virtually nothing obesrvable to benefit if it goes right? The answers will depend for each Mac user.

      “If it ain’t broke, don’t fix it” is very relevant.

      Personally I will consider High Sierra when it’s about 10.13.5, which is probably about the time 10.14 will be out in beta testing. I am leaning towards skipping it entirely, based on simple cost/benefit and risk/return analysis. I need my computer for work, when my computer is not working then I am not working which means I am losing money or time, or both. I do not have time to beta test for Apple. But that’s my conclusion.

    • arni says:

      High Sierra has been the lowest problem update of all the recent OS updates. This time around, everything just works. I say go ahead and update if you’re thinking about it.

  2. Ogles of Kansas says:

    I will avoid high sierra abs every other Mac software release until they fix the problems

    Here is an ex Apple employee on twitter who ran into bugs with the update. They also recently switched to android for stability

    https://twitter.com/yipe/status/938564219217133568

    Looks like Apple needs to wake up and smell the coffee or people will abandon the platform that was once the best but now…..

  3. WTS says:

    so far this seems to be an apple os nightmare trying to De-bug a system that promisses so much but so far has offered nothing but headaches not only for me but also the third party developpers

  4. Steph says:

    FYI, the 10.13.2 update just bricked my iMac. I had to boot into recovery mode and reinstall from TM backup… first time in 17 years a regular update has hung up OS X for me. Now my mac is down for next 26 hours :(

    (I)OS X sucks. I miss snow leopard!

    • Daniel says:

      I have an ’09 mac pro running Snow Leopard and everything still runs just as well as it did when it was new. Web browsing is starting to become an issue though…modern pages don’t always render properly.

    • Hatuxka says:

      Same here. In my case all of the 10.13.2 betas resulted in a need for reinstallation of 10.13.1 from recovery mode-which was sufficient to restore stability without the time-consuming TM restoration.

  5. TonyB says:

    Why is there never a mention on the data size?
    Its never given and an arogant assumption consumption of data is a big concern to many still that need to know.
    Not all have unlimitted data allowance and need to plan.

    • ommi says:

      Because the size of the update depends on what Mac OS version you are updating from. It could be small, or it could be large, it depends on your specific Mac and system software version.

  6. Frans de Wolff says:

    When I looked (MacOs High Sierra, About …, Updates) there was nothing there. Still no “character viewer” and still no “keyboard preferences locking emoji” valid selection.
    Frans

  7. WHarist says:

    iMovie constantly crashing when trying to open it on a external screen, from a laptop. When opening iMovie directly on the laptop there is no problem though.

  8. Lee says:

    Fixes nothing, lol, as expected. I will be staying on 10.12.6, its a REAL Server too, because WebDAVS/iOS support hasnt been removed (even though iOS11 has a Files app that works directly with Mac OS Server 10.12 and 10.11). Apple, get your act together, give time to COMPUTERS, you know, that thing that got you where you are now! 10.12.6 works, its a REAL Server too!

  9. Randy Roadside says:

    I’ve tried to install this update over 10.13.1 and it won’t take. I have a Mac Mini late 2012. I tried it twice through the App Store and once by downloading it myself. The process completes, computer restarts, and it still says 10.13.1. Suggestions?

    • Hatuxka says:

      A note about this-official if I recall rightly-was that it was attributable to some application(s) present at the time of installation. So gave up trying to install 10.13.2 at that point.

  10. Kay says:

    I got the no entry sign on a grey background towards the end of the update process and had to reinstall from the latest backup which took several hours to complete.

  11. Ian Cann says:

    Since I upgraded several of the links ie mail, photos, calendar are no longer working. I have downloaded the ‘bug fix’ but its made no difference. Six there an easy fix?

  12. Heather Boney says:

    I downloaded the update and now I can’t get past root boot log in. Takes forever to get there and it keeps going to change password, and nothing beyond that. I have no idea how to even get into safe mode.

  13. Doctor X says:

    “Upgrade” ate 10 GB and killed all browser access to Google, Youtube–“insecure connection”–and other places.

    Rendered computer unable to fully shutdown unless you wait an hour or, in one case, overnight where, in the morning, you force power it down.

    Not sure what “bugs” this fixed, but it created a number of new ones.

    • arny says:

      That sounds like you have a bunch of other unrelated problems. This update does not cause any of your symptoms, unless there’s some seriously wrong things already going on with your computer.

      • Doctor X says:

        @arny:

        Thanks for your reply. I came back to “fix” some of my complaints.

        1. The Internet problem was a coincidence. Not related to the update.

        2. The loss of 10 GB is probably an issue with indexing.

        3. I do not have an explanation for the sloooooowwww shutdown and restarts.

        For the hell of it, I reconstituted my Int-HD from my clone. Having nothing better to do, I let it re-download and update.

        This time, no problem.

        Meanwhile, the “lost” space disappeared over time. I suspect that is just Spotlight indexing. To be specific, I compared the size of files with the clone. My Int-HD read as 10 GB smaller than the source clone. However, as you know, when you click on files/volume it takes a bit for the size of each to resolve.

        As it did, the 10 GB loss “disappeared.”

        So far, it is working, so I retract my rant from above ^^,

  14. Lee says:

    10.13 is a bug lol. Dont touch it, stay on 10.12.6

  15. Tom says:

    Just did the update on my Mid 2014 MBPr 13, took less than 15 minutes, everything seems to be working OK.

  16. Joe Streno says:

    Just did the 10.13.2 update & got the black screen after rebooting. Booted into safe mode & did About This Mac & it showed I was still @ 10.13.1 with no update. Looks like the update didn’t even install. I even tried downloading the full combo update installer from Apple & still got the same end result — black screen. Reboot into safe mode & still at 10.13.1. Grrrrrrrr!

    Now I’m looking for any possible answers before I do a wipe & clean install of High Sierra. This will be the 3rd such wipe & clean install trying to remedy 10.13 issues.

    As a Mac consultant, and a Mac user since 1986, I’m disappointed at Apple’s lack of quality control & the layers of issues that 10.13 has created … even before all the 10.13.x updates & patches.

    • Paul says:

      You can reinstall macOS without clean installing, it will just reinstall the operating system itself. Be sure you have a sufficient backup made beforehand, just in case it does not work. Personally I would try that before doing a clean install.

      http://osxdaily.com/2016/10/12/reinstall-macos-sierra/

      The directions are for Sierra but it applies the same to High Sierra.

      • Doctor X says:

        Per my rant a comment above, I experienced the same problem. As Paul recommends, BACK UP! I was able to fix everything from my back up.

        My recent upgrade worked without a hitch. I suspect that we both did not wait long enough for the upgrade on reboot. So I got just what you had–rebooted after a long time to find I was still in 10.13.1 with the suggestion I RESTART to finish upgrade!

  17. YZT says:

    Also fixed the “red shade” Metal bug on mbps with discrete video and significantly improved Metal performance overall, that’s so far the best thing they had fixed.

  18. Micmac says:

    After running the 10.13.2 update on my iMac I could only start it up in recovery mode. I had to do a full system restore from my Time Machine. A couple of programs also needed to be reinstalled. The whole process took me a day. Definetly not trying that update again!!

  19. Mike says:

    How do you skip over (if possible) 10.xxx and go right to 10.13.2?

Leave a Reply

 

Shop for Apple & Mac Deals on Amazon.com

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Recent Posts