A security vulnerability discovered in Apple’s Device Enrollment Program (DEP) could allow an attacker to gain full access to a corporate or school network.
The DEP is a free service offered by Apple to allow new devices to be automatically configured with everything from custom apps to VPN settings. All that is needed is the serial number of the device, and that’s the root of the problem, says the security researcher who discovered it …
more…