There's a flaw in Apple's newest computer operating system that allows someone to gain administrative capabilities without a password. The flaw, discovered by developer Lemi Orhan Ergan and his colleagues, affects macOS High Sierra. In the meantime, setting a root password prevents unauthorized access to your Mac," an Apple (AAPL, Tech30) spokesperson said in a statement. "If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the 'Change the root password' section," Apple said. The flaw requires physical access for most people, but could work remotely if the user has Remote Desktop enabled.

Source: CNN November 28, 2017 22:52 UTC