Gerry and Steve give you an Apple security update on the recent Mac High Sierra bug, discuss a recent testimonial given to Congress about identity verification in a post-breach world, and some advice from the IRS to avoid tax fraud with the tax season coming up. The guys also present their One Cool Thing.

Get the Show Notes

Resources

Apple security problem in macOS High Sierra

A vulnerability for macOS High Sierra has been identified that allows an attacker to bypass administrator authentication without supplying the administrator’s password. Basically someone can have root access to the machine without having to provide a password. In concert with your inner monologue, yes this is an awful vulnerability. Fortunately, Apple has responded quickly and has released a patch (Security update 2017-001).

This vulnerability applies to systems running macOS High Sierra and does not affect systems running macOS Sierra 10.12.6 and earlier.

https://support.apple.com/en-us/HT208315

https://support.apple.com/en-us/HT201541

House Energy and Commerce Hearing

https://energycommerce.house.gov/hearings/identity-verification-post-breach-world/

IRS Anti- Tax Fraud tips and tricks

As part of National Tax Security Awareness Week-November 27 to
December 1-the Internal Revenue Service (IRS) is releasing daily
security tips to help taxpayers protect their data and identities
against tax-related identity theft.

https://www.irs.gov/newsroom/national-tax-security-awareness-week-2017