Apple has released a supplemental update for macOS High Sierra incorporating various bug fixes for Macs.
Apple lists three very specific fixes in the release notes, the security notes indicate that the update also includes two important fixes.
One is a bug that could have let attackers use a third-party app to pilfer usernames and passwords from macOS’s Keychain tool that stores credentials.
The other is a flaw that revealed plain text passwords in the password hint for encrypted Apple File Systems volumes. If you added disk encryption with a hint, the plain text of your password would show up in the hint field in the Disk Utility.
The update also includes a fix for a Keychain issue which allowed a malicious application to extract all passwords from the system it was running on.