Less than 24 hours after the discovery of a major security flaw that allowed every Mac running macOS High Sierra to be accessed without a password, Apple has issued a patch to resolve the issue, as well as an apology.
The vulnerability, which let users unlock Macs with the username “root” and a blank password, was revealed midday Tuesday. Apple’s software update became available Wednesday morning. According to the company, it will be automatically downloaded to effected computers later on Wednesday.
Here is Apple’s statement on the critical security issue:
The flaw was revealed in a Twitter post by Lemi Orhan Ergin Tuesday:
Apple (aapl) initially responded to Ergin an hour later, via Twitter. In a statement to Fortune on Tuesday afternoon, an Apple spokesperson said the company was working on a software update to address the flaw.
The macOS “root” user account is a system administrator or “superuser” profile used for unlocking and changing files that are typically protected by the operating system.
This is not the first password flaw associated with macOS High Sierra. The operating system launched with a bug that would allow hackers to access user passwords in the system’s Keychain, a software vault designed to store login information. That vulnerability was patched shortly after the operating system launched in September 2017.