Apple’s Mac MDM Security Flaw is Bad, but Probably Won’t Impact You

Security researchers have found a way to immediately infringe Mac before users log in for the first time. That's pretty bad, but the deal here is difficult. It affects only a part of Mac users and patches have already been applied.

MDM security flaws that affect already patched Macs

Defects in MDM security can hurt corporate Macs

Apple's Mac MDM security flaw

Security exploit uses Apple 's Mobile Device Management Platform (MDM) to deliver every payload that a hacker tries to ride a new Mac. Jesse Endahl, the Mac security manager's chief security officer at MaxBélanger, staff engineer at Fleetsmith and Dropbox, found this flaw.

Endahl told Wired.

Before the user logged in for the first time, a bug was found to infringe the device and install malicious software. When logging in, the computer has already been compromised before the desktop is displayed.

To take advantage of this flaw, you need to find a way to incorporate a server with malicious payload into the MDM setup process. After the Mac completes the setup verification process, the server must conform to the process before the computer starts delivering the application to Apple servers.

Such MDM settings are typically used at the enterprise level. The company buys a Mac during the purchase process and connects to the MDM system. When an employee gets a computer and turns on the computer for the first time, it connects to Apple's server. By the time the Mac completes booting to the desktop, the process is complete and the necessary applications and settings are installed.

Why Apple's MDM security flaws do not hurt you

Apple 's MDM problem is a legitimate security flaw, but it does not affect most people, nor is it going to spread.

++ Read More


We will be happy to hear your thoughts

      Leave a reply

      For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

      I agree to these terms.

      Apple iPhone stop
      Login/Register access is temporary disabled