https://www.macrumors.com/2017/11/28/macos-high-sierra-bug-admin-access/

and this is why I don't do "bleeding edge"

Apple says fix incoming for macOS High Sierra root access bug

iMore provides instructions on setting the root password, which eliminates the issue.

Link: Setting root Password

Is physical access required or can Remote Access also exploit this vulnerability?

Good question. ...According to the guy, who discovered this issue, physical access is required.

However, Apple details (at the Support Page linked below) that root user is disabled by default; but, if one logs in to one's Mac using an administrator account, one could enable the root user, then log in as the root user to complete a task. ...Again, I'm not sure is this could be done remotely (with administrator login password).

Here's Apple's root PW Instructions

Regardless, setting a root user password (a strong & unique one) would defeat this security issue. (My unique, root PW is a 13 alpha-numeric-character PW I'll never remember; so, I saved it to 1PW.)

I used the "Change root password" method within System Preferences (as iMore detailed wherein they advised keeping "Enable root user" - after setting root password - since subsequently disabling will delete the just-initiated password). Done.

Apple just issued this security update for High Sierra. From the language, I'm not positive that it addresses the root user issue, but it sounds as if it might.

I just completed the Security Update (no Restart required), available through Mac Apple Store update. My macOS 10.13.1 build did change to that referenced on the Support page.

Thanks for the link. ...And, I found this sentence ("If you require the root user account on your Mac, you will need to re-enable the root user and change the root user's password after this update.) about the Update, interesting as it implies the update resets the "enable root & its password." ....Hmmm.

Basically the problem is that before you "enable the root user", he's already there and enabled because he has to be, but can't authenticate by default if his password is blank. except for this one place that someone forgot to lock down in HS.

It does lead me to wonder though, surely they will find the person ultimately responsible for this, I wonder what will happen to them? What is the penalty for a major embarrassment?

https://www.reuters.com/article/us-apple...g-idUSKBN1DT2TJ

Same positive result for the security update here....however, I'm fairly certain that you meant to say that the build for 13.1 did NOT show up after install.

Mine has NO build associated with the Mac OS X 10.13.1 listed under "About This Mac" under the Apple Menu.....

It DID disable the previously enabled root user....and it DID properly test to validate that the previous root bypass issue was resolved....and I was able to re-enable and disable the root user appropriately with both the Terminal and with the Directory Utility.

In the "About" window, click on the version number; you'll then see the Build added.

Additionally, you could also use the Sys Info app (Utilities), click on Software. You'll also see the System Version with the Build.

Apparently, today's Security Fix causes a problem with File Sharing. See this.

FWIW, I ran the fix and it seems to have worked as divined.

At first, it appeared that physical access was required. It now appears this is not the case. If a user can be tricked into running a malicious app or shell script, the malicious app or shell script can silently enable the root user and then make any changes whatsoever to the system.

You will still need to trick the user into running malicious code, however.

Thanks for that....I missed the change in how About This Mac delivered info as obviously it no longer shows the build until you click on the version number.

And in a related issue: Apple explains how to fix macOS High Sierra file sharing after security update breaks feature

The update to the SU update is now available. ...Other than correcting the File Sharing issue, the 10.13.1 Build is now 17B1003.

and this is where it all began, accidentally, WEEKS AGO:

https://forums.developer.apple.com/thread/79235

My 2¢...

While this coding episode should not have occurred and should be / is an embarrassment to Apple, IMHO, I think those using this episode to voice denigrating comments about High Sierra, are a bit over the mark. (I am not implying any posts in this Thread have done so; but, I have read such shortsighted comments elsewhere.)

Apple deserves a knock for allowing both issues (the High Sierra root vulnerability & the subsequent File Share) to get past code quality control.

Apple reacted quickly to fix both; I think that counts for something. ...Other issues will, no doubt, subsequently arise with macOS (& iOS); I have confidence Apple will be responsive in getting those quickly fixed.

I've been using High Sierra from day one. As my MBP has an SSD, I've using APFS from day one as the upgrade auto converted my drive. ...I've not had any fundamental issues (with Keychain, iCloud, Time Machine, my HS compatible apps, my total system) causing me to even consider rolling back to Sierra. Progress is going forward, not the opposite.

I'm aware some have had certain issues, and FTM is the place to seek help as the active participants are highly knowledgeable & willing to assist. But, again IMHO, I do not believe there are fundamental issues with High Sierra itself, when its installed on a hardware setup that will effectively and efficiently run High Sierra.

And don't forget the file vault storing the password in the hint recently.... there's a reason Apple is calling a meeting with their devs to "discuss recent security".