Security News > 2023 > February > New Sh1mmer ChromeBook exploit unenrolls managed devices

New Sh1mmer ChromeBook exploit unenrolls managed devices
2023-02-01 00:02

A new exploit called 'Sh1mmer' allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions.

To bypass these restrictions, security researchers from the Mercury Workshop Team have developed a new exploit called 'Shady Hacking 1nstrument Makes Machine Enrollment Retreat', or 'Sh1mmer,' that lets users unenroll their Chromebooks from enterprise management.

The exploit requires a publicly leaked RMA shim that the Sh1mmer exploit will modify to allow users to manage the device's enrollment.

To use this exploit, you need to download an RMA shim for your Chromebook board, use the researcher's online builder to inject it with the Sh1mmer exploit, and then run the Chrome Recovery utility.

A member of the k12sysadmin Reddit group tested the exploit and stated that they could use the exploit to unenroll their Chromebook and use it as a brand new device.

They did not provide information on how admins can prevent the exploit or detect exploited devices.


News URL

https://www.bleepingcomputer.com/news/security/new-sh1mmer-chromebook-exploit-unenrolls-managed-devices/