This notice is from the archives of The Notice Board. Information contained in this notice was accurate at the time of publication but may no longer be so.
Update: Apple has released a patch for this vulnerability. If you have not yet enabled the root password, do not do so. Instead, go into the App Store and then choose the Update tab and click Update beside the security patch to close the vulnerability.
A major security flaw has been found in macOS High Sierra that allows anyone logged into the machine to gain administrator access. The flaw is extremely easy to use and there is no patch available at this time.
It is possible to close the vulnerability by setting a password for the root account. This should only be done by advanced users who understand what they are doing.
If you have an Apple computer with High Sierra installed, we recommend you exercise caution when allowing others to use it.
Apple has responded to the discovery stating that patch is in the works. We recommend watching for available updates from Apple and installing them as soon as they are available.