Still worried about MacDefender? That’s nothing: a new security vulnerability in MacBook batteries means that it’s possible that future hackers won’t just try to steal your credit card numbers, but might actually cause your computer to meltdown instead.
The vulnerability was discovered by Accuvant security researcher Charlie Miller, who says that Apple’s MacBook batteries use default passwords on their MacBooks.
Why’s that a problem? Well, because the batteries use default passwords, the battery controller can be compromised by any malicious hacker who knows the password, giving him access to the low level hardware. This security hole can then be exploited in various ways, from just causing the battery to stop functioning to auto-installing malware. It can even cause full on overheating.
Miller got the passwords by backwards engineering one of Apple’s 2009 battery update.
The good news is that right now, this isn’t a major security threat. To get remote access to the battery of your MacBook, a malware developer would first have to figure out a way to bypass OS X’s security measures, which isn’t an easy task.
If that doesn’t set your mind at ease, though, don’t worry: while Apple susses the issue out, Miller intends on releasing his own fix for the problem called Caulkgun, which will randomize your battery’s password.
