Note that disabling the root user does not fix this, as you'll still be able to bypass it. You really shouldn't leave your Mac unattended at all until Apple fixes this, and you should shut off guest access for your device.
Choose Edit Change Root Password and enter a new, non-trivial password. An intruder can also apparently access machines remotely when Remote Manager is enabled through Apple Remote Desktop or screensharing.app, according to some accounts. Basically, if you open System Preferences and then navigate to Users and Groups, you can easily gain access to make changes to any account on that machine. If you have FileVault enabled, you're in better shape, since High Sierra won't let someone log into the root account at the login window.
In the dialog that pops up, click on open directory utility, and from the tool's menubar, select the edit item, and then change root password.
Minister Susan Shabangu Congratulates Demi-Leigh Nel-Peters for Winning Miss Universe
Nels-Peters was considered a frontrunner for the title after also being crowned Miss South Africa 2017 earlier this year. On Sunday, he poked fun at his mistake throughout the night. "Let us celebrate this great victory of our nation".
The vulnerability was publicly disclosed on Twitter this afternoon; it's not clear whether the problem was privately reported to Apple ahead of time, which is the encouraged practice when security vulnerabilities are uncovered.
This flaw is significant but the risk to most users is quite low. We've reached out to Apple for comment and will update it we hear back. However, there is a workaround that will provide users with some additional security to prevent against unauthorized logins: users can enable a root account that requires a password to gain access.
Enter Directory Utility and press Return to launch it. This will prompt for a password for the Root user account. Yes, using root with no password works here too.
- Angela Merkel offered path to fourth term
- Chinese Fake Trees Driving US Christmas Tree Growers Out of Business
- BYU women's volleyball: Cougars' NCAA Tournament path is set
- Actor Rance Howard, father of director Ron Howard, dies at 89
- Police foil Melbourne New Year's Eve 'terror plot'
- Congressman steps down from top post amid sexual harassment investigation
- Black Friday nets Amazon boss Jeff Bezos a $100bn fortune
- Tiger Woods paired with Justin Thomas on PGA Tour comeback
- Michael Flynn's attorney reportedly meets with special counsel team
- Trump calls Sen. Warren 'Pocahontas' at event honoring Native American vets