A bug may allow hackers to comprise Mac laptops during 1st use

Jessica Kim Cohen -

A bug in setup tools for some Mac laptops has the potential to allow a "well-funded, motivated" hacker to compromise the device the first time it connects to Wi-Fi, Wired reports.

The vulnerability targets Macs using Apple's Device Enrollment Program and its Mobile Device Management platform, two tools that allow employees to walk through a customized IT setup to configure their device under a company's policies, even if they work remotely.

It's a useful service with various security checks, however, two researchers — Jesse Endahl, the chief security officer of the Mac management firm Fleetsmith, and Max Bélanger, a staff engineer at Dropbox — found one bug in the process, which could allow a hacker to gain remote access to new Macs.

"We found a bug that allows us to compromise the device and install malicious software before the user is ever even logged in for the very first time," Mr. Endahl told Wired. "By the time they're logging in, by the time they see the desktop, the computer is already compromised."

The bug relates to how a third-party mobile device management vendor, which a company might tap to navigate the process, interacts with a Mac device. If a hacker exploits the space between the vendor's web server and a targeted device, they could replace the intended software a company wants to install on an employee's laptop with malware, such as spyware or cryptojacking software.

Mr. Endahl and Mr. Bélanger emphasized a typical hacker would not be able to execute this attack, although it is possible to exploit the flaw.

Apple released a fix to the bug in July after the two researchers shared their findings with the company. However, Macs that have been shipped with the older operating system will still be vulnerable, according to Wired.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.