If you're running macOS High Sierra, don't let anyone near your Apple Mac. Forbes tested the vulnerability and found it wide open, allowing a change of passwords for other accounts on the Mac. Then type the user's normal password, which will then allow them to add a password to the root account. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section."

Source: Forbes November 28, 2017 21:49 UTC