Security Update 2017-001 for macOS High Sierra (updated for revised info)
Available via software update or download pages for macOS 10.13 & 10.13.1 (below).
Here's info from article on the fix (article has been revised, previously was 10.13.1 only).
"Security Update 2017-001 (for macOS High Sierra)
Released November 29, 2017
Available for: Available for: macOS High Sierra 10.13 and 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator's password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
(the following was added, replacing note on update showing 10.13.1 Build 17B1002.)
To confirm that your Mac has Security Update 2017-001:
Open the Terminal app, which is in the Utilities folder of your Applications folder.
Type what /usr/libexec/opendirectoryd and press Return.
If Security Update 2017-001 was installed successfully, you will see one of these project version numbers:
opendirectoryd-483.1.5 on macOS High Sierra 10.13
opendirectoryd-483.20.7 on macOS High Sierra 10.13.1
FYI on Nvidia Web Driver Updates:
Users of Nvidia's web drivers should know that OS updates (versions or later build numbers after Security Updates) break any currently installed Nvidia web graphics driver. If your card is supported with the default drivers, switch to the default Apple driver and reboot before updating. If not, wait for a Nvidia driver update. (Some non-Mac EFI cards are not supported by default OS X drivers.)