A bug in setup tools for some Mac laptops has the potential to allow a “well-funded, motivated” hacker to compromise the device the first time it connects to Wi-Fi, Wired reports.
The vulnerability targets Macs using Apple’s Device Enrollment Program and its Mobile Device Management platform, two tools that allow employees to walk through a customized IT setup to configure their device under a company’s policies, even if they work remotely.
It’s a useful service with various security checks, however, two researchers — Jesse Endahl, the chief security officer of the Mac management firm Fleetsmith, and Max Bélanger, a staff engineer at Dropbox — found one bug in the process, which could allow a hacker to gain remote access to new Macs.
“We found a bug that allows us to compromise the device and install malicious software before the user is ever even logged in for the very first time,” Mr. Endahl told Wired. “By the time they’re logging in, by the time they see the desktop, the computer is already compromised.”
The bug relates to how a third-party mobile device management vendor, which a company might tap to navigate the process, interacts with a Mac device. If a hacker exploits the space between the vendor’s web server and a targeted device, they could replace the intended software a company wants to install on an employee’s laptop with malware, such as spyware or cryptojacking software.
Mr. Endahl and Mr. Bélanger emphasized a typical hacker would not be able to execute this attack, although it is possible to exploit the flaw.
Apple released a fix to the bug in July after the two researchers shared their findings with the company. However, Macs that have been shipped with the older operating system will still be vulnerable, according to Wired.
More articles on cybersecurity:
OCR issuing fewer HIPAA penalties in 2018, report suggests
NIST: How to secure patient records on smartphones, tablets
‘Accidental disclosure’ is the No. 1 way data breaches happen in healthcare, report finds
© Copyright ASC COMMUNICATIONS 2018. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.