Cybersecurity researchers have demonstrated an exploit that could allow attackers to compromise an Apple Mac the first time it connects to a Wi-Fi network.
The problem was reported by Jesse Endahl, chief security officer at Fleetsmith, and Max Bélanger of Dropbox.
According to the report the experts presented at the Black Hat conference, the flaws lie in the process used to configure these desktop computers.
The experts drew attention to two tools, Device Enrollment Program and Mobile Device Management, which are used so that employees can complete their organization's setup process. They can also be used when working from home.
In effect, these tools allow a device to be configured and joined to the company's ecosystem immediately after it first connects to a Wi-Fi network.
“We have discovered a bug that allows the device to be compromised by installing malicious software. All of this can be done before the user logs on to the system for the first time,” explains Jesse Endahl.
“Thus, before the user first sees the desktop, his computer will already be compromised.”
To carry out the attack, attackers rely on the well-known “man in the middle” technique (an attack by an intermediary). With it, the attackers can deliver malicious files.
The core flaw is the absence of certificate verification when Mobile Device Management is used to determine which apps should be installed. In other words, the downloaded applications are not verified.
Although exploit code for the flaw already exists, cybercriminals need access to a specific set of tools and privileges for the attack to actually work. Such targeted attacks would interest state-sponsored hackers, for example, because they make it possible to penetrate an enterprise network and obtain inside information.
Apple fixed this vulnerability with the release of macOS High Sierra 10.13.6 in July, but the experts say it is not too late to address the problem. Devices that have not received the update are still vulnerable to attack.
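For administrators who need to find the machines that have not received the update, here is a small audit script, added as an example and not taken from the researchers or from Apple. It assumes a hypothetical inventory export of `hostname,os_version` lines; the host names and versions in the sample are constructed.

```shell
#!/bin/sh
# Added example: flag Macs whose macOS version predates the fix named above.
FIXED_VERSION="10.13.6"   # version the article says contains the fix

# version_lt A B: succeed if A < B, comparing dot-separated numeric parts.
# Missing parts count as 0, so "10.13" is treated as older than "10.13.6".
version_lt() {
    _a=$1; _b=$2
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _x=${_a%%.*}; _y=${_b%%.*}
        case $_a in *.*) _a=${_a#*.} ;; *) _a= ;; esac
        case $_b in *.*) _b=${_b#*.} ;; *) _b= ;; esac
        [ "${_x:-0}" -lt "${_y:-0}" ] && return 0
        [ "${_x:-0}" -gt "${_y:-0}" ] && return 1
    done
    return 1   # versions are equal
}

# classify_version V: print vulnerable, patched, or unknown (unparseable V).
classify_version() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown ;;
        *) if version_lt "$1" "$FIXED_VERSION"; then echo vulnerable
           else echo patched; fi ;;
    esac
}

# audit_inventory: read "hostname,os_version" lines on stdin (assumed format)
# and print every host that is not confirmed patched.
audit_inventory() {
    while IFS=, read -r host ver; do
        case $host in ''|'#'*) continue ;; esac
        status=$(classify_version "$ver")
        if [ "$status" != patched ]; then
            printf '%s %s %s\n' "$host" "${ver:-?}" "$status"
        fi
    done
}

# Constructed sample inventory; the last host has no recorded version.
SAMPLE_INVENTORY='# constructed sample data
mac-design-01,10.13.5
mac-eng-02,10.13.6
mac-eng-03,10.14
mac-fin-04,10.12.6
mac-lab-05,'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
```

On an individual Mac, `classify_version "$(sw_vers -productVersion)"` gives the verdict for that machine. Hosts reported as `unknown` should be treated as unpatched until their version is confirmed.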