Yesterday the media was bombarded with a macOS vulnerability that allowed anyone to get root access to your Mac without the logins.
Apple has responded in under 24 hours by releasing a fix available for users to download immediately.
SECURITY UPDATE 2017-001
Released November 29, 2017
Available for: macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
If you require the root user account on your Mac, you can enable the root user and change the root user’s password.