Security researchers have found a bug that puts brand new Macs at risk. As demonstrated at the recent Black Hat security conference in Las Vegas, the security loophole enables remote access to a brand new Mac. This could be dangerous because it creates the risk of Macs shipping with malicious software out of the box.
Although Apple has issued a fix in the macOS High Sierra 10.13.6 update, units shipping with an older version of the software remain susceptible to this security loophole until the updated software is installed.
According to a Wired report, this attack targets Macs that use the Device Enrollment Program (DEP). Apple’s DEP allows a company’s IT administrators to automatically deploy the Apple software suite straight out of Apple’s warehouses. The report explains that Apple devices can be deployed automatically to join businesses after booting up for the first time and connecting to Wi-Fi.
The risk lies in the way devices handle Apple’s Mobile Device Management, which can lead to malware installation out of the box.
The report, citing security researchers, explained how this type of attack can be carried out. However, the researchers have made it clear that it involves a great amount of difficulty. It is possible using a Man-in-the-Middle (MITM) attack on Apple’s Mobile Device Management (MDM) vendor that installs enterprise apps.
Security researchers also praised Apple’s app security and the overall MDM process, since Apple has a tendency to kill malicious apps.
In a Man-in-the-Middle attack, the attacker positions themselves between two parties communicating with each other. The attacker makes the two parties believe that they are talking directly to each other over a private connection even when that is not the case.
In this attack, the entire conversation is controlled by the attacker. As also explained by Wired, this attack is possible due to consumer-grade routers.