Apple issues macOS High Sierra update to fix password-less root vulnerability
Apple on Wednesday released a special security update for macOS High Sierra, solving a recently uncovered flaw which would let people gain root access without entering a password.
The patch, Security Update 2017-001, should be available through the Updates tab in the Mac App Store. After installation, the build number of High Sierra will be 17B1002.
Apple notes that if people require a root user account on their Mac, they can create one and assign a password through System Preferences.
The vulnerability was first exposed on Tuesday. Within hours, Apple was already promising an update, though it didn’t provide an exact timeline.