A bug has been found In the most recent version of the MacOS High Sierra operating system which makes it possible to gain entry to the machine without a password and allows access to administrator rights.
The bug was discovered by a Turkish developer after he realised he could access the system by entering the username 'root', leaving the password field blank and hitting 'enter' several times.
Those who have root access have more rights than a normal user - enabling them to be able to read and write the files of other accounts on the same machine. They can also delete crucial system files, which could render the computer unusable - or install malware that classic security software would struggle to identify.
The bug cannot be exploited remotely, meaning for many users the threat only exists if a malicious person has physical access to the machine.
Apple are currently working on a fix and will release it as a security patch as soon as possible, which we highly recommend installing. However in the mean time there is a temporary solution:
Setting a root password prevents unauthorised access to your Mac, to enable the Root User and set a password, please follow the instructions here.
To ensure a blank password is not set for an already enabled Root User, please follow the instructions from the ‘Change the root password’ section.
Ensure your Mac is safe - enable a Root User password.