In early August a senior researcher at SecureWorks said he had revealed a vulnerability in Apple’s MacBook wireless software driver that would allow him to take control of the machine. While the researcher did find a vulnerability, he was using a third-party wireless driver, not the driver that ships with the MacBook.
“Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is,” Apple Director of Mac PR, Lynn Fox, told Macworld . “To the contrary, the SecureWorks demonstration used a third party USB 802.11 device–not the 802.11 hardware in the Mac–a device which uses a different chip and different software drivers than those on the Mac. Further, SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we ship.”
SecureWorks researcher David Maynor and “Johnny Cache” demonstrated the vulnerability at the Black Hat conference using a MacBook. Maynor told the Washington Post at the time that they demoed the flaw on the Mac because of the “Mac user base aura of smugness on security.”
As it turns out, Maynor did not use the internal Apple wireless driver, but rather a third-party driver. SecureWorks’ Web site has been updated since the demonstration to reflect that fact.
“Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver — not the original wireless device driver that ships with the MacBook,” says the company’s Web site. “As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available.”