Apple has fixed a serious security flaw that threatens all supported versions of macOS, one week after the flaw was made public.
The vulnerability, detailed in a February 3 report, allows remote attackers or malware to completely take over the system. The attacker or malware would first have to access the Mac using some other method, which is not that difficult.
To update your Mac, click on the Apple icon in the upper left corner of the desktop screen and select System Preferences from the drop-down menu. Next, click on the Software Update icon on the selection screen. A notification may appear letting you know that a new update is available.
Once the update is complete, you should be running macOS Big Sur 11.2.1, macOS Catalina 10.15.7, or macOS Mojave 10.14.6. If you are running macOS High Sierra 10.13 or earlier, you may have an older version that does not fix this very serious flaw, so it is time to upgrade to a newer version of macOS.
The vulnerability, dubbed "Baron Samedit" by its discoverers, involves the "sudo" command found in almost all Unix-derived operating systems, including macOS and Linux.
Sudo temporarily grants full system access, or "root," to a user who already has administrative privileges. With root, the user can make almost any change to the operating system, and even administrative users usually work without those privileges. Ordinary users without administrative privileges do not normally have access to sudo.
Baron Samedit, first released for Linux in late January, circumvents this privilege hierarchy. It allows users without administrator privileges to obtain root without using an administrator password. Thus, an e-mail attachment or web link opened by a non-administrative user could potentially hijack a machine.
Major Linux distributions fixed this vulnerability before it became public knowledge. However, while it initially appeared that macOS was immune to the Baron Samedit flaw, a security researcher soon discovered a simple workaround that made the flaw exploitable on Macs as well.