The flaw could means anyone can log in to a computer running MacOS High Sierra without a password via system preferences, using the root user account. Alternatively, MacOs customers can use a temporary workaround by changing the root user password manually. In the tweet, he said: 'Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. To change the root user password manually, click on the Apple menu icon, then System Preferences and click Users & Groups (or Accounts). From the menu bar in Directory Utility, choose Edit, then Change Root Password.

Source: Daily Mail November 29, 2017 09:11 UTC