We at Komando.com always advise you to keep your gadgets up to date with the latest software updates for security purposes. However, if you’re a Mac owner, you may want to hold off updating to the latest version of High Sierra 10.13.1 until this huge security flaw is fixed.
According to a torrent of Twitter posts, a bug in High Sierra allows anyone to gain administrator access to the Users & Groups settings by simply typing “root” as the username and no password. Oopsie.
9to5 Mac reports that the vulnerability was discovered by developer Lemi Orhan Ergin and he publicly contacted Apple Support to report the flaw.
The implications of this bug can be disastrous since an authorized user can exploit the flaw and can change user privileges, reset passwords and view personal files without having administrator privileges.
How to protect your Mac
Since the flaw is now public and it allows anyone to modify user accounts, we’re expecting a prompt software fix from Apple.
In the meantime, to protect your Mac against unauthorized access, we recommend disabling Guest Access and changing the Root password on your MacOS High Sierra 10.3.1 machine.
Kim Komando, excerpt posted on SouthFloridaReporter.com, Nov. 29, 2017
