Originally published at: https://www.myce.com/news/critical-vulnerability-apples-macos-high-sierra-leaves-system-wide-open-attackers-83109/
A critical security vulnerability in macOS High Sierra makes it very easy for an attacker with physical access to a locked Mac to login with root. In specific cases it’s also possible to exploit the vulnerability remotely. When the OS asks for an username and password it’s sufficient to use root as username and to leave the password field empty.
Didn’t Mac say they are impervious to attacks.