Apple, Apple, Apple. What are we going to do with you? In your most recent High Sierra macOS release, it turns out you’ve given a way for any local user to take over a Mac — lock, stock, and two smoking barrels.
This exploit doesn’t require any mad NSA-type hacker skillz. All you have to do is go to System Preferences, then Users and Groups, and click the lock to make changes. Then, enter “root” as your username without a password. Shazam! You’re in.
Read more…
Source: ZDNet