The chief security officer at Fleetsmith Jesse Endahl and the Dropbox engineer Max Belanger found a way to compromise Apple's computers with MacOS High Sierra to version 10.13.6 when the device connects to Wi-Fi for a first time. Attackers can hack the device before the first start of the system. This is is reported by Digital Trends.
We found a bug that allows us to compromise the device and install malicious software before the user is ever even logged in for the very first time. By the time they’re logging in, by the time they see the desktop, the computer is already compromised.
According to experts, the errors are in the tools for the remote access called Device Enrolment Program (DEP) and Mobile Device Management (MDM). When you connect to Wi-Fi for the first time, the laptop connects to Apple's servers and, if its serial number coincides with the company's identifiers, it starts downloading corporate programs from the list in the manifest file. MDM does not require a certificate of authenticity, so hackers can replace the original file with an arbitrary file with its own list of software.
The researchers told Apple about the vulnerability, and the corporation eliminated it with the release of macOS 10.13.6 in July 2018. Computers with older versions of the OS remain vulnerable.
In November 2017, experts discovered a vulnerability in the macOS High Sierra, which allowed root privileges to be received in a couple of clicks. Then the corporation released a bug fix the very next day.