A claimed security hole in Apple's MacBook has been exposed as a misrepresentation.
Earlier this month, a researcher at SecureWorks said he had revealed a vulnerability in the laptop's wireless software driver that would allow him to take control of the machine. There was a vulnerability but it was exploited by using a third-party wireless driver rather than the one that ships with the MacBook.
"Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, it has provided no evidence that in fact it is," said an spokeswoman. "To the contrary, the SecureWorks demonstration used a third-party USB 802.11 device – not the 802.11 hardware in the Mac – a device that uses a different chip and different software drivers to those on the Mac. Further, SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we ship."
SecureWorks researcher David Maynor and 'Johnny Cache' demonstrated the vulnerability at the Black Hat conference using a MacBook. Maynor told the Washington Post at the time that they demoed the flaw on the Mac because of the "Mac user base aura of smugness on security".
SecureWorks' website has been updated since the demonstration to reflect the fact that a third-party driver had been used in the demonstration. "Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver – not the original wireless device driver that ships with the MacBook," it now reads.
"As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."