A bug in OS X 10.8 Mountain Lion and 10.7 Lion allows attackers to gain superuser access if they reset the clock to 1 January 1970. The bug shouldn’t affect most people, as the attacker also needs shell access to the Mac, and the user must have enabled superuser access in the past. follow link
Set Password Activation Time in Snow Leopard
In Snow Leopard, you can now set an amount of time after your Mac goes to sleep or engages the screen saver before it requires a password to log back on. In Leopard, the option was simply to require the password or not. Choose among several increments, between 5 seconds and 4 hours, from System Preferences > Security.
- TidBITS Watchlist: Notable Software Updates for 16 September 2013 (16 Sep 13)
- Security Update 2013-004 for Lion and Snow Leopard (12 Sep 13)
- OS X 10.8.5 Fixes Nasty Text Rendering Bug (12 Sep 13)
- ExtraBITS for 2 September 2013 (02 Sep 13)
Hackers Can Root Macs by Going Back in Time
(that's a capital K).
This will remove any past sudo shell access from your history and block this exploit but only when you logout from the shell. When using sudo for anything, I always create a new shell window in Terminal and exit when I'm done. This ensures that the logout script runs.
The best part is that if or when Apple fixes this, you don't really have to do anything because the only consequence to doing this is that you get the initial warning message each time you used sudo instead of just the first time.