Mac OS 10.13 (High Sierra) Vulnerability

A security flaw has been detected in Mac Operating Systems 10.13 (High Sierra) or greater.  This vulnerability allows anyone to login to a Mac device and gain full administrative access by typing in the username “root” with no password.  More details can be found in the links provided below.

Systems at Risk

• Currently, this vulnerability is only found in Macs running an Operating System that has been upgraded to MacOS 10.13 (High Sierra) or greater.
        and
• Systems that can be directly physically accessed, or have Apple Remote Desktop (ARD) enabled

Recommended Action

• If you have MacOS 10.13 (High Sierra) or greater, install the fix from Apple found here.

Additional Information:

Homeland Security Vulnerability Note

MacRumors -Major macOS High Sierra Bug Allows Full Admin Access Without Password – How to Fix