Is it correct to assume that (prior to applying Security Update 2017-001) a host running macOS 10.12.6 (Sierra, i.e. not High Sierra) is not affected by the serious vulnerability that enables access to the root superuser if the following command returns non-empty ShadowHashData?
sudo plutil -p /var/db/dslocal/nodes/Default/users/root.plist
Best Answer
According to Apple's support document on Security Update 2017-001 macOS Sierra 10.12.6 and earlier are not affected by the vulnerability:
If you want to use terminal to find out if you're running 10.12.6 you may want to use the command
sw_vers -productVersionor refer to the question How to find out Mac OS X version from Terminal? on superuser.