MacOS High Sierra Can be Hacked Thru Wi-Fi

Corporation eliminated it with the release of macOS 10.13.6 in July 2018, but unupdated computers are still vulnerable
13 August 2018   638

The chief security officer at Fleetsmith Jesse Endahl and the Dropbox engineer Max Belanger found a way to compromise Apple's computers with MacOS High Sierra to version 10.13.6 when the device connects to Wi-Fi for a first time. Attackers can hack the device before the first start of the system. This is is reported by Digital Trends.

We found a bug that allows us to compromise the device and install malicious software before the user is ever even logged in for the very first time. By the time they’re logging in, by the time they see the desktop, the computer is already compromised.
 

Jesse Endahl

CSO, Fleetsmith

According to experts, the errors are in the tools for the remote access called Device Enrolment Program (DEP) and Mobile Device Management (MDM). When you connect to Wi-Fi for the first time, the laptop connects to Apple's servers and, if its serial number coincides with the company's identifiers, it starts downloading corporate programs from the list in the manifest file. MDM does not require a certificate of authenticity, so hackers can replace the original file with an arbitrary file with its own list of software.

The researchers told Apple about the vulnerability, and the corporation eliminated it with the release of macOS 10.13.6 in July 2018. Computers with older versions of the OS remain vulnerable.

In November 2017, experts discovered a vulnerability in the macOS High Sierra, which allowed root privileges to be received in a couple of clicks. Then the corporation released a bug fix the very next day.

Red Hat Shareholders Approve IBM Business Deal

The $ 34 billion transaction is scheduled for completion in the second quarter of 2019
18 January 2019   165

At a recent meeting of the shareholders of Red Hat, the terms of the deal to sell the Red Hat business to IBM were agreed. The owners of 141 million shares of Red Hat voted to conduct the transaction, the owners of 181 thousand shares spoke against, and the owners of 462 thousand shares abstained. This is reported by the News and Observer

Earlier in October, the deal was agreed at the level of boards of directors of Red Hat and IBM. Until the transaction is completed, it remains to obtain permission from the antimonopoly services of the countries in which the companies are registered. The transaction is scheduled for completion in the second quarter of 2019. The amount of the transaction is approximately $ 34 billion, estimated at $ 190 per share (now the value of the Red Hat share is $ 175, and at the time of the announcement of the transaction was $ 116).

Recall that after the completion of the takeover, Red Hat will continue to operate as a separate unit in the IBM Hybrid Cloud group. IBM will retain the open development model adopted by Red Hat and will continue to support the community that has evolved around Red Hat products. Including will continue to participate in various open source projects, the development of which was involved the company Red Hat. In addition, IBM and Red Hat will continue to defend the interests of free software, providing patent protection and the ability to use their patents in open source software.