macOS High Sierra 10.13 Supplemental Update Fixes Early Bugs
We always recommend delaying major macOS upgrades until Apple has had a chance to fix early bugs. The company has taken its first swing at the most egregious problems in macOS 10.13 High Sierra, not with the 10.13.1 update that we had expected, but with the “macOS High Sierra 10.13 Supplemental Update.” It’s highly focused, providing fixes for five specific problems:
- It improves the robustness of the installer, which we hope will address reported issues with installations failing to complete.
-
It fixes a bug that caused the cursor in Adobe InDesign to look like a pixelated box. Unfortunately, Apple said nothing about problems that users of Adobe Illustrator are having with APFS — that may have to wait for 10.13.1 or an Illustrator update.
-
It eliminates a problem that prevented the user from deleting email messages from Yahoo accounts in Mail.
-
It fixes an embarrassing mistake in Disk Utility — it turns out that if you set a hint in Disk Utility when creating an encrypted APFS volume, the password was stored as the hint, making it trivially easy to decrypt the volume. Oops!
-
It requires the user password when prompting for keychain access, which should prevent malicious applications from extracting passwords from the system keychain by bypassing the keychain access prompt with a synthetic click.
macOS High Sierra 10.13 Supplemental Update was 915 MB on my Retina iMac, and you can get it in the Updates screen of the App Store app.
Apple says that it has already built these fixes into new downloads of High Sierra, so if you haven’t yet updated, you won’t need the macOS High Sierra 10.13 Supplemental Update when you do. But if you have already upgraded to High Sierra, we recommend installing this one sooner rather than later.
Should also be noted that this update will NOT work (or even show up for) with the Public Beta.
Unfortunately, this update does not fix the InDesign issue I'm seeing, where document windows and/or their contents are not visible at all.
Ach, sorry to hear it. InDesign seems to be fine here.
Norm, there's an article about ID and OS 10.13 at InDesignSecrets.com. Could you add a comment there?
Thanks.
The fix is working for me in InDesign (I'm the one who wrote the IDSecrets.com posting). I suspect that you may be having a different issue.
If you encrypted an APFS volume (including the system boot
Volume, or an external hard disk) do you need to do anything other than install the update? Do you need to change the password or otherwise reencrypt?
No, the vulnerability could only be accessed locally, so there's no need to change anything after installing the update unless you think a bad guy had already figured it out in your office or home.
For what it's worth, given the news that the supplemental update is built into current downloads of madOS 10.13, I have replaced the archived versions I'm keeping of the High Sierra installer with the latest download. One less issue to worry about when I install it again.
I installed the Supplemental Update on my MacBookPro13,1 and have found that it did not fix the issue of zombie email from Yahoo. As before the Supplemental Update, when I use "Erase Deleted Items" on Yahoo email in its (IMAP) trash folder it will often reappear, sometimes twice.