macOS High Sierra 10.13.1, Sierra and El Capitan security updates now available (updated)

Apple has just released macOS High Sierra version 10.13.1, together with security updates for Sierra and High Sierra.

Among the most significant issues addressed is the notorious KRACK group of vulnerabilities in Wi-Fi. tcpdump is updated to version 4.9.2, which fixes a very long list of vulnerabilities, and there’s a long list fixed in the kernel too. In file systems, one vulnerability in HFS and two in APFS have been fixed, although the later only in High Sierra; Apple does not reveal whether the same vulnerabilities might exist in the pre-release version of APFS included in Sierra.

There are additional bug and security fixes in Safari 11.0.1 and iTunes 12.7.1 which are also available now.

High Sierra 10.13.1 appears to consist of additional bug fixes. Apple lists these as including:

  • Bluetooth becoming unavailable during Apple Pay transactions;
  • Improvements in Mail synchronisation with Microsoft Exchange servers;
  • A problem in which Spotlight refuses keyboard input;
  • Unreliable SMB printing.

Most importantly for many enterprise users, this update adds support for unlocking APFS encrypted volumes using a recovery keychain file. This is apparently documented in man diskutil, so presumably is performed using that command tool.

There are also 70 new emoji. Oh boogaloo.

As the update comes to 2.1 GB, I strongly suspect that there is a good deal more to it than Apple has divulged.

The updates are all available now from the App Store, and a standalone updater for High Sierra is at last available here.

Apple has also provided the security updates in standalone form, here for El Capitan, and here for Sierra.

Note that Apple no longer provides security updates for Yosemite; if you are still running OS X 10.10.x, now is the time to upgrade to a more recent version which is still supported.

(Updated 2005 1 November.)