macOS High Sierra Supplemental Update Released for Mac Users
Apple has released the first supplemental update to macOS High Sierra 10.13, complete with bug fixes, improvements, and security fixes.
General release notes accompanying the supplemental update suggests the release includes improvements to stability, reliability, and security. Specifically, the update is said to “improve installer robustness” (it is unclear if this addresses the issue where some users are unable to download a complete macOS High Sierra installer without third party utility assistance), includes a fix for cursor graphics bugs when using Adobe InDesign, and resolves and issue with Mail app was unable to delete email from Yahoo accounts. Additionally, the update includes a security fix to address a problem where Disk Utility could be used to reveal the password of an encrypted AFPS volume, and the update also resolves a security bug relating to Keychain passwords. Complete security update release notes are below for those interested. The supplemental update is recommended for all macOS High Sierra users to install.
Downloading macOS High Sierra Supplemental Update
Mac users running macOS 10.13 High Sierra can find the update available to download and install now in the Mac App Store Updates section. The update is labeled as “macOS High Sierra 10.13 Supplemental Update”.
You can also choose to download the macOS High Sierra Supplemental Update as a DMG installer file from Apple by going here and choosing the blue Download button, as dmg file the download size is 920 MB.
Note the supplemental update is separate from the beta versions of 10.13.1 currently under the beta testing programs.
Always back up a Mac before installing any system software update, including smaller bug fix updates like this macOS High Sierra Supplemental Update.
macOS High Sierra Supplemntal Update Release Notes
The macOS High Sierra general release notes and security release notes are as follows, beginning with the former:
This supplemental update includes improvements to the the stability, reliability and security of your Mac, and is recommended for all macOS High Sierra users. This update:
• Improves installer robustness
• Fixes a cursor graphic bug when using Adobe InDesign
• Resolves an issue where email messages couldn’t be deleted from Yahoo accounts in Mail
The complete security related supplemental update release notes are below:
macOS High Sierra 10.13 Supplemental Update
Released October 5, 2017
Available for: macOS High Sierra 10.13
Impact: A local attacker may gain access to an encrypted APFS volume
Description: If a hint was set in Disk Utility when creating an APFS encrypted volume, the password was stored as the hint. This was addressed by clearing hint storage if the hint was the password, and by improving the logic for storing hints.
CVE-2017-7149: Matheus Mariano of Leet Tech
Available for: macOS High Sierra 10.13
Impact: A malicious application can extract keychain passwords
Description: A method existed for applications to bypass the keychain access prompt with a synthetic click. This was addressed by requiring the user password when prompting for keychain access.
CVE-2017-7150: Patrick Wardle of Synack
New downloads of macOS High Sierra 10.13 include the security content of the macOS High Sierra 10.13 Supplemental Update.
Separately, iPhone and iPad users can find iOS 11.0.2 available as an update, which also includes various bug fixes for that system software release, and watchOS 4.0.1 for Apple Watch is out as well.
There is a bug with this update. My cursor disappeared in some of my applications. It would reappear on my desktop if I closed the application.
Oh and the “update” fixes NOTHING!
What kind of response is that, work for Apple do you? Wanting to be able to log in without pulling the HDMI cable out, file sharing options that have been there in 10.11 and 10.12, is NOT thinking just about me. Pull your head out
Downloading and installing now, lets see if I can get the login screen to display without pulling the HDMI cable from the Mac mini! Oh, Apple, what about Server? iOS/WebDAVS? Turn off Guest access as default for SMB??? You know, actually make something that works for business rather than concentrating on home user crap
Maybe one day we will get past this “stop focusing on others and focus on me” mentality when dealing with people offiering products for sell. I understand wanting new or bettrer features, but I will never understand why people get upset because someone is selling a product that doesn’t do exactly what they want specifically. It’s like they expect everyone to cater to them as a individual in a world of 7 billion.
Good for you. But for me, I update to every new beta version. Won’t kill you, really…
If I redownload it from store would it include this update? I want to make a bootable usb installer.
“New downloads of macOS High Sierra 10.13 include the security content of the macOS High Sierra 10.13 Supplemental Update.”
Yes, the Supplemental Update is included in any new downloads of the macOS 10.13 installer from the App Store as of October 5th. See here at the bottom of the “Security” section:
Yes new downloads of the macOS High Sierra Installer should have the updates included.
However, and this is just me personally, I like to wait until the first major bug fix release is done. Here that would be macOS 10.13.1, but given all the problems I read online I might wait until macOS 10.13.3 or later this time around. High Sierra has virtually no new features, so there is little reason for most of us to update with any urgency and I have seen more people hold off on this update than perhaps any update in macOS (Mac OS, Mac OS X, OS X, toe-may-to, toe-maht-o) history.