So you have only one user on your Mac and that user is named "root"? Really? That would be very strange.
I'm fairly confident most Mac users never enable the root account at all. We don't need to. I'm not sure people who've only used other Unix systems understand that; I didn't when I came to the Mac after using Linux and FreeBSD in the 1990s. You need an administrator account, but that's not really the same thing. I haven't had a root account enabled on a Mac in about 15 years. (Well, except for a 14 hour or so stretch from yesterday evening to this morning, between the time I enabled it with a strong password as a "fix" for this bug and the time the actual fix was pushed by Apple.)
At any rate, I'd be very surprised if there was even a single user literally locked out of their Mac because of this change. I think it'd have been better on general principle if they'd done some kind of check that boiled down to "if the root user is enabled but it doesn't have a password set, disable it, otherwise leave it enabled," but there may be perfectly valid reasons that they couldn't do that.
> So you have only one user on your Mac and that user is named "root"? Really? That would be very strange.
It might be the only local user with a password set, with all other users coming from a remote directory service. Think university labs.
Also, you can always pardon a single incident. But Apple got so aggressive with casualties caused by their system updates that I'm really pissed off by it.
System updates regularly reset configuration to factory settings, breaking things in the progress. Note that I'm not talking about modified system files (those we expect to get reset and thus try hard not to touch) but documented configuration points.
This arrogant mindset is best described as "you surely didn't meant to deviate from our divine default settings, so let me fix that for you!".
For some files they recently started to move your modified files out of the way (creating a backup blah.conf.$(date) or whatever) before forcing the factory config anyway. Not that we need it, but it's probably all we'll ever get.
