MacOS High Sierra 10.13.2 Update Released with Bug Fixes

Dec 6, 2017 - 48 Comments

macOS High Sierra 10.13.2

Apple has released macOS High Sierra 10.13.2 for the general public. The software update includes multiple bug fixes and is said to improve the stability, security, and compatibility of High Sierra, and is thus recommended for Mac users running High Sierra to update to.

Separately, MacOS Sierra and Mac OS X El Capitan users will find Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan available for their respective operating system releases. Those security updates are also recommended to install for Mac users running 10.12.6 and 10.11.6.

Specific issues mentioned in the release notes for MacOS High Sierra 10.13.2 include improvements for certain USB audio devices, VoiceOver Navigation for PDF files in Preview, and improving Braille displays with Mail app. Presumably the 10.13.2 final update also includes a permanent fix to the root login bug and networking bug that surfaced in prior versions of MacOS High Sierra.

How to Download and Update macOS High Sierra 10.13.2

Always back up a Mac before installing any system software update, the easiest way to do that is with Time Machine on a Mac.

  1. Pull down the  Apple menu and choose “App Store”
  2. Go to the “Updates” tab and choose to download and update “macOS 10.13.2 Update”

MacOS High Sierra 10.13.2 update

The High Sierra system software update is labeled with the update label “macOS 10.13.2 Update 10.13.2” in the Mac App Store.

Security Updates for macOS Sierra and Mac OS X El Capitan

Mac users running Sierra and El Capitan will instead find the “Security Update 2017-002 Sierra” and “Security Update 2017-005 El Capitan” available in the Updates section of the Mac App Store.

Though security updates are small, it’s still recommended to backup a Mac before installing them.

Security Update for macOS Sierra and El capitan

Mac users can also choose to download the macOS High Sierra Combo Update or regular update, as well as the individual security update packages, from here at Apple Support downloads. Using a Combo Update for updating Mac OS system software is easy but generally considered more advanced, and can be particularly beneficial for users installing the same update on multiple computers, or who are coming from an earlier version of the same system software release (i.e. 10.13.0 directly to 10.13.2).

MacOS High Sierra 10.13.2 Release Notes

Release notes accompanying the App Store download are brief, mentioning the following:

This update is recommended for all macOS High Sierra users.

The macOS High Sierra 10.13.2 Update improves the security, stability, and compatibility of your Mac, and is recommended for all users.

This update:

• Improves compatibility with certain third-party USB audio devices.

• Improves VoiceOver navigation when viewing PDF documents in Preview.

• Improves compatibility of Braille displays with Mail.

Enterprise content:

• Improves performance when using credentials stored in the keychain to access SharePoint websites that use NTLM authentication.

• Resolves an issue that prevented the Mac App Store and other processes invoked by Launch Daemons from working on networks that use proxy information defined in a PAC file.

• If you change your Active Directory user password outside of Users & Groups preferences, the new password can now be used to unlock your FileVault volume (previously, only the old password would unlock the volume).

• Improves compatibility with SMB home directories when the share point contains a dollar sign in its name.

Security Notes for macOS 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan

Multiple security relates patches and bug fixes have also been included for the software updates, according to security notes from Apple:

macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan

Released December 6, 2017

apache
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted Apache configuration directive may result in the disclosure of process memory
Description: Multiple issues were addressed by updating to version 2.4.28.
CVE-2017-9798

curl
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Malicious FTP servers may be able to cause the client to read out-of-bounds memory
Description: An out-of-bounds read issue existed in the FTP PWD response parsing. This issue was addressed with improved bounds checking.
CVE-2017-1000254: Max Dymond

Directory Utility
Available for: macOS High Sierra 10.13 and macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier 
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
CVE-2017-13872

Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13883: an anonymous researcher

Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.
CVE-2017-13878: Ian Beer of Google Project Zero

Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2017-13875: Ian Beer of Google Project Zero

IOAcceleratorFamily
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13844: found by IMF developed by HyungSeok Han (daramg.gift) of SoftSec, KAIST (softsec.kaist.ac.kr)

IOKit
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An input validation issue existed in the kernel. This issue was addressed through improved input validation.
CVE-2017-13848: Alex Plaskett of MWR InfoSecurity
CVE-2017-13858: an anonymous researcher

IOKit
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: Multiple memory corruption issues were addressed through improved state management.
CVE-2017-13847: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13862: Apple

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-13833: Brandon Azad

Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13876: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A type confusion issue was addressed with improved memory handling.
CVE-2017-13855: Jann Horn of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13867: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13865: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13868: Brandon Azad
CVE-2017-13869: Jann Horn of Google Project Zero

Mail
Available for: macOS High Sierra 10.13.1
Impact: A S/MIME encrypted email may be inadvertently sent unencrypted if the receiver’s S/MIME certificate is not installed
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2017-13871: an anonymous researcher

Mail Drafts
Available for: macOS High Sierra 10.13.1
Impact: An attacker with a privileged network position may be able to intercept mail
Description: An encryption issue existed with S/MIME credetials. The issue was addressed with additional checks and user control.
CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH

OpenSSL
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read issue existed in X.509 IPAddressFamily parsing. This issue was addressed with improved bounds checking.
CVE-2017-3735: found by OSS-Fuzz

Screen Sharing Server
Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6
Impact: A user with screen sharing access may be able to access any file readable by root
Description: A permissions issue existed in the handling of screen sharing sessions. This issue was addressed with improved permissions handling.
CVE-2017-13826: Trevor Jacques of Toronto

Separately, Apple Watch and Apple TV users will find watchOS 4.2 and tvOS 11.2 available as updates, and iPhone and iPad users can download iOS 11.2.

.

Related articles:

Posted by: Paul Horowitz in Mac OS, News

48 Comments

» Comments RSS Feed

  1. Prometheus says:

    10.13.3 I mean….

  2. Prometheus says:

    DO NOT UPDATE if use SMB. Giant cluster f@#*. I love apple, and hate the apple. Oh it is so confusing.

    Please 10.12.3 work!

    If you use SMB you wil no longer be able to move files around with our hard restarting your computer.

  3. Prometheus says:

    DO NOT UPDATE if use SMB. Giant cluster f@#*. I love apple, and hate the apple. Oh it is so confusing.

    Please 10.12.3 work!

    If you use SMB you wil no longer be able to move files around with our hard restarting your computer. SMB is for inter server transfer.

  4. Nick Beacham says:

    HS 10.13.2 may have fixed the bug causing exposure of password in APFS but disk utillity is NOT fixed. On MacPro with 8GB RAM and 250GB SSD (APFS & Filevault = Y) DU ceases to work after checking an external volume. I am loosing my confidence in Apple. They are getting to clever by half and too complacent. I suspect Style over Substance approach of recent years has assisted this and a once dependable OS is now as flaky as Windows. I am glad I cannot afford £5k for a new Pro.

  5. Tim says:

    If you connect to shares on Windows servers, steer well clear of 10.13.2. Finder repeatedly freezes after just a few interactions and the only temporary cure is to log out and in again. Not good.

  6. Simon Hayre says:

    “Improves compatibility with certain third-party USB audio devices.” And now my Logitech A-00044 USB Headset is no longer working…. Thanks Apple!!

    • Jack says:

      High Sierra from day one broke the connection with my Parasound USB A-D converter, which worked flawlessly under Sierra. Latest update did nothing to fix the problem. Sent a note to Tim Cooke about this problem. Perhaps the kids in the lab will get wind of this problem afflicting many.

  7. Terry says:

    So my imac updated to high sierra and then got a notification that it has to restart and so i clicked that. But no computer wont start up :/ its stuck to just the full progression bar. I’ve left it over night and nothing. Done cmd+r and reinstall the macOS still done the same thing stuck on progression bar (100%) and wont start up. Can’t get it to safe mode for some reason. Don’t remember havin a TM back up. Please help. I’ve already cried about it. This is the first time its done this and its really pissing me off now :/

    • Ben says:

      Restart your Mac whilst holding down one of the following combinations:

      Command (⌘)-R
      Install the latest macOS that was installed on your Mac, without upgrading to a later version.

      Option-Command-R
      Upgrade to the latest macOS that is compatible with your Mac.

      Shift-Option-Command-R (Requires macOS Sierra 10.12.4 or later)
      Install the macOS that came with your Mac, or the version closest to it that is still available.

      Next follow these steps after starting up from macOS Recovery:
      1. Choose Reinstall macOS (or Reinstall OS X) from the utilities window.
      2. Click Continue, then follow the onscreen instructions. You’ll be asked to select your disk. If you don’t see it, click Show All Disks.
      3. Click Install. Your Mac restarts after installation is complete.

      Hope this helps.

  8. Mike says:

    How do you skip over (if possible) 10.xxx and go right to 10.13.2?

  9. Micmac says:

    After running the 10.13.2 update on my iMac I could only start it up in recovery mode. I had to do a full system restore from my Time Machine. A couple of programs also needed to be reinstalled. The whole process took me a day. Definetly not trying that update again!!

  10. YZT says:

    Also fixed the “red shade” Metal bug on mbps with discrete video and significantly improved Metal performance overall, that’s so far the best thing they had fixed.

    • Dong Feng says:

      Actually it seems to me the opposite regarding the Metal performance part. My Metal-based rendering code runs happily at 20 FPS under 10.13.1. Now it achieves less than 4 FPS under 10.13.2. I tested on a few machines and the result is the same.

      I’d be surprised if this problem is specific only to my code. Since you mentioned Metal, I hope you may have some experience on the Metal in the first hand and complement some information.

  11. Joe Streno says:

    Just did the 10.13.2 update & got the black screen after rebooting. Booted into safe mode & did About This Mac & it showed I was still @ 10.13.1 with no update. Looks like the update didn’t even install. I even tried downloading the full combo update installer from Apple & still got the same end result — black screen. Reboot into safe mode & still at 10.13.1. Grrrrrrrr!

    Now I’m looking for any possible answers before I do a wipe & clean install of High Sierra. This will be the 3rd such wipe & clean install trying to remedy 10.13 issues.

    As a Mac consultant, and a Mac user since 1986, I’m disappointed at Apple’s lack of quality control & the layers of issues that 10.13 has created … even before all the 10.13.x updates & patches.

    • Paul says:

      You can reinstall macOS without clean installing, it will just reinstall the operating system itself. Be sure you have a sufficient backup made beforehand, just in case it does not work. Personally I would try that before doing a clean install.

      https://osxdaily.com/2016/10/12/reinstall-macos-sierra/

      The directions are for Sierra but it applies the same to High Sierra.

      • Doctor X says:

        Per my rant a comment above, I experienced the same problem. As Paul recommends, BACK UP! I was able to fix everything from my back up.

        My recent upgrade worked without a hitch. I suspect that we both did not wait long enough for the upgrade on reboot. So I got just what you had–rebooted after a long time to find I was still in 10.13.1 with the suggestion I RESTART to finish upgrade!

  12. Tom says:

    Just did the update on my Mid 2014 MBPr 13, took less than 15 minutes, everything seems to be working OK.

  13. Lee says:

    10.13 is a bug lol. Dont touch it, stay on 10.12.6

  14. Doctor X says:

    “Upgrade” ate 10 GB and killed all browser access to Google, Youtube–“insecure connection”–and other places.

    Rendered computer unable to fully shutdown unless you wait an hour or, in one case, overnight where, in the morning, you force power it down.

    Not sure what “bugs” this fixed, but it created a number of new ones.

    • arny says:

      That sounds like you have a bunch of other unrelated problems. This update does not cause any of your symptoms, unless there’s some seriously wrong things already going on with your computer.

      • Doctor X says:

        @arny:

        Thanks for your reply. I came back to “fix” some of my complaints.

        1. The Internet problem was a coincidence. Not related to the update.

        2. The loss of 10 GB is probably an issue with indexing.

        3. I do not have an explanation for the sloooooowwww shutdown and restarts.

        For the hell of it, I reconstituted my Int-HD from my clone. Having nothing better to do, I let it re-download and update.

        This time, no problem.

        Meanwhile, the “lost” space disappeared over time. I suspect that is just Spotlight indexing. To be specific, I compared the size of files with the clone. My Int-HD read as 10 GB smaller than the source clone. However, as you know, when you click on files/volume it takes a bit for the size of each to resolve.

        As it did, the 10 GB loss “disappeared.”

        So far, it is working, so I retract my rant from above ^^,

  15. Heather Boney says:

    I downloaded the update and now I can’t get past root boot log in. Takes forever to get there and it keeps going to change password, and nothing beyond that. I have no idea how to even get into safe mode.

  16. Ian Cann says:

    Since I upgraded several of the links ie mail, photos, calendar are no longer working. I have downloaded the ‘bug fix’ but its made no difference. Six there an easy fix?

    • Sarah says:

      I am having the same issue. I have been searching for a solution but can not find one!!! HELP !!!

    • Neil McCarty says:

      Upgrading to High Sierra on my iMac caused a problem with Mail unable to display jpeg files. It turns out they display in the Inbox, but if moved to another folder, they don’t display. And it’s random, some display some don’t. Moving a broken email back to the Inbox won’t repair it. Apple Support (Case ID: 100355301994) has been working on this since 11/19/2017. So far they’ve caused one of my keyboard shortcuts to stop working and helped me to mess up Mail so badly that I’ve lost (guessing) thousands of emails. On 11/25/2017 we uploaded about half a gig of data to Apple to be analyzed by their experts. Now they’ve pretty much gone silent. They’ve ignored a lot of my email and phone calls, twice they failed to call me on a specified date and time.

      Sorry, no easy fix.

  17. Kay says:

    I got the no entry sign on a grey background towards the end of the update process and had to reinstall from the latest backup which took several hours to complete.

  18. Randy Roadside says:

    I’ve tried to install this update over 10.13.1 and it won’t take. I have a Mac Mini late 2012. I tried it twice through the App Store and once by downloading it myself. The process completes, computer restarts, and it still says 10.13.1. Suggestions?

    • Hatuxka says:

      A note about this-official if I recall rightly-was that it was attributable to some application(s) present at the time of installation. So gave up trying to install 10.13.2 at that point.

    • dpeete says:

      Running into the same issue with a 2017 Macbook Pro. I’ve “installed it” 3 times from the App Store, and once from the support download, and it always appears to complete, but then reboots to 10.13.1.

  19. Lee says:

    Fixes nothing, lol, as expected. I will be staying on 10.12.6, its a REAL Server too, because WebDAVS/iOS support hasnt been removed (even though iOS11 has a Files app that works directly with Mac OS Server 10.12 and 10.11). Apple, get your act together, give time to COMPUTERS, you know, that thing that got you where you are now! 10.12.6 works, its a REAL Server too!

  20. WHarist says:

    iMovie constantly crashing when trying to open it on a external screen, from a laptop. When opening iMovie directly on the laptop there is no problem though.

  21. Frans de Wolff says:

    When I looked (MacOs High Sierra, About …, Updates) there was nothing there. Still no “character viewer” and still no “keyboard preferences locking emoji” valid selection.
    Frans

  22. TonyB says:

    Why is there never a mention on the data size?
    Its never given and an arogant assumption consumption of data is a big concern to many still that need to know.
    Not all have unlimitted data allowance and need to plan.

    • ommi says:

      Because the size of the update depends on what Mac OS version you are updating from. It could be small, or it could be large, it depends on your specific Mac and system software version.

    • Fleur says:

      I have slow ADSL and a satellite internet with a monthly quota. I’ve tried to upgrade to HS from Yosemite. The 4Gb download is huge for my setup. The Macbook hangs for hours, with no indication on the screen of what is happening, or even whether anything is happening. Is it reformatting the disc? There is no evidence of that. Apple’s decision to have no progress messages is astonishing. I have given up for now. If HS is also buggy, what is the incentive? Maybe simply that Apple does not appear to be issuing any Yosemite security updates (for Meltdown and Spectre for example) along with those for El Capitan and Sierra/HS.

  23. Steph says:

    FYI, the 10.13.2 update just bricked my iMac. I had to boot into recovery mode and reinstall from TM backup… first time in 17 years a regular update has hung up OS X for me. Now my mac is down for next 26 hours :(

    (I)OS X sucks. I miss snow leopard!

    • Daniel says:

      I have an ’09 mac pro running Snow Leopard and everything still runs just as well as it did when it was new. Web browsing is starting to become an issue though…modern pages don’t always render properly.

    • Hatuxka says:

      Same here. In my case all of the 10.13.2 betas resulted in a need for reinstallation of 10.13.1 from recovery mode-which was sufficient to restore stability without the time-consuming TM restoration.

  24. WTS says:

    so far this seems to be an apple os nightmare trying to De-bug a system that promisses so much but so far has offered nothing but headaches not only for me but also the third party developpers

  25. Ogles of Kansas says:

    I will avoid high sierra abs every other Mac software release until they fix the problems

    Here is an ex Apple employee on twitter who ran into bugs with the update. They also recently switched to android for stability

    https://twitter.com/yipe/status/938564219217133568

    Looks like Apple needs to wake up and smell the coffee or people will abandon the platform that was once the best but now…..

  26. mcpack says:

    so do we continue to wait to update to High Sierra? Do you think they’ve fixed this buggy release?

    • No thanks says:

      I have no intention on updating to High Sierra anytime soon.

      Whether or not you update to High Sierra is entirely up to you. But ask yourself, what is the benefit? What do you gain? What are the big new critical features in High Sierra that you are missing right now? What is the potential loss of having downtime? What is the potential nuisance of having incompatible software/hardware? Do you mind spending a day having to reformat and downgrade if it ends up being a mess? What is stability worth to you? Is your current MacOS setup desperately in need of an update to a “new” version which offers plenty of potential things to go wrong and virtually nothing obesrvable to benefit if it goes right? The answers will depend for each Mac user.

      “If it ain’t broke, don’t fix it” is very relevant.

      Personally I will consider High Sierra when it’s about 10.13.5, which is probably about the time 10.14 will be out in beta testing. I am leaning towards skipping it entirely, based on simple cost/benefit and risk/return analysis. I need my computer for work, when my computer is not working then I am not working which means I am losing money or time, or both. I do not have time to beta test for Apple. But that’s my conclusion.

    • arni says:

      High Sierra has been the lowest problem update of all the recent OS updates. This time around, everything just works. I say go ahead and update if you’re thinking about it.

Leave a Reply

 

Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks

News

iPhone / iPad

Mac

Troubleshooting

Shop on Amazon to help support this site