Users of macOS High Sierra should install the update as soon as possible. It is important that you do this security update for your Mac. It closes the root hole that others can use your Mac. The strange phenomenon occurred only if the guest account was activated on a Mac, third parties can switched-on Mac through the system setting “users and groups” root rights could procure.
Available for: macOS High Sierra 10.13 and macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
To confirm that your Mac has Security Update 2017-001:
Open the Terminal app, which is in the Utilities folder of your Applications folder.
Type what /usr/libexec/opendirectoryd and press Return.
If Security Update 2017-001 was installed successfully, you will see one of these project version numbers:
opendirectoryd-483.1.5 on macOS High Sierra 10.13
opendirectoryd-483.20.7 on macOS High Sierra 10.13.1
If you require the root user account on your Mac, you will need