A vulnerability within MacOS High Sierra was discoverd: It allowes logins and/or changes to critical Settings with the Superuser (root) without a password.
I’m sure that Apple is already working on a permanent fix for that, until then you should safe your Mac!

Howto fix the macOS blank root password Security issue?

  1. Open ‘Terminal’ or ‘iTerm2’
  2. Type ‘sudo passwd root’
  3. Type your (User) password
  4. Select a strong password for root (and repeat it)

Change root password on macOS

Change root password on macOS

I was told, that this critical flaw is fixed in the latest macOS High Sierra 10.13.2 Beta (17C83a), but I tested it and the issue was still present on the test system!!!

Root Flaw

Root Flaw

Someone told me, that I should disable the ‘Guest’ user. That doesn’t solve the issue, at least not on my two MacOS High Sierra systems.