A new security flaw has been discovered for macOS High Sierra version 10.13.2 that allows anyone with physical access to your Mac with to access and change your App Store settings in System Preferences without entering a legitimate password.
All that is required is for a user to be logged in with an administrator-level account to your Mac and the. launch System Preferences, then click App Store. Next, hit the padlock icon to lock it, if necessary, then click the padlock icon again. Now enter your Mac account’s user name and any password and click Unlock.
This will now give you full access to App Store settings, App Store preferences are unlocked by default on administrator accounts. Other System Preferences panes can only be unlocked with a correct administrative password.
This flaw lets anyone with physical access to your computer and administrator-level access to unlock your App Store preferences and change settings like the ability to automatically install macOS updates, app updates, system data files and even security updates that would fix a bug like this one.
Original source Mac Rumours