What to do about Apple's shameful Mac security flaw
http://tinyurl.com/y8qyrkwl
Do not follow the advice in that ComputerWorld article as it is out of
date.
Apple has already issued a security update to fix the problem. Run App
Store and install the update. It does not require a restart. (Apple says
it will be installed automatically within a day.)
After installing the security update, the bug will be fixed: future
attempts to authenticate as root with any password while the root
account is disabled will not enable the root account and set its
password to the supplied one.
The security update also disables the root account again, no matter what
password it had. If you wanted to have the root account enabled, you
will need to do that again, setting a suitably strong password. Most Mac
users should NOT do that.
--
David Empson
***@actrix.gen.nz