Dear macOS High Sierra Users.
The bug is that the attacker can get the administrator permission without password.
In detail: http://www.bbc.com/news/technology-42161823 (BBC News)
The bugfix was released (Security Update 2017-001).
Please update the software update (https://support.apple.com/en-us/HT201541).
Regards,
Kitani, Chief of Information Processing Office.