A new security flaw in macOS High Sierra has been discovered by researchers — one that can grant users access to the system administrator account on a target machine, enabling access to the account without requiring a password.
Root access with the repeated press of the return key… I don’t think I’ve ever seen such a massive hole in an Apple product before. Unbelievable!
The workaround… set a root password. For details on how to do that and securing your highly vulnerable High Sierra (possibly the worst macOS release ever for many reasons BTW) check out the support doc here.
Alternatively watch and follow the video in this tweet from iMore’s Rene Ritchie.
Then share it with everyone you know and make sure they do it too.
— Rene Ritchie (@reneritchie) November 28, 2017