2023-02-01
SH1MMER ChromeBook Exploit
Editor's Note
If you're reliant on your managed mode for your Chromebook fleet, you're going to need to monitor to make sure they remain enrolled until Google's patch can be deployed. Effectively, you boot from external media, run the code which both unenrolls the device and puts it in developer mode. If you're researching this behavior, make sure that you're using a valid shim, as some will brick the Chromebook. If you're creating a device that supports developer and managed modes, create two accounts before enrolling: first in developer mode, the second enrolled.
Lee Neely
This exploit requires direct access to the ChromeBook. While that may be appealing for users of enrolled and managed ChromeBooks, it is likely a violation of enterprise IT security policies and violators would be held accountable. Physical access to devices (laptops, desktops, etc.) open up a number of potential new attack vectors that can be used by an adversary.
Curtis Dukes
Read more in
The Register: Chromebook SH1MMER exploit promises admin jailbreak
SC Magazine: Google looking into fix for SH1MMER exploit that can unenroll Chromebooks
The Hacker News: New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices
Bleeping Computer: New Sh1mmer ChromeBook exploit unenrolls managed devices
Neowin: Meet SH1mmer, the big bad Chromebook exploit no one is talking about