Some computers with wireless Internet capabilities are vulnerable to malicious software that would let hackers take over the machines even if their owners aren't actually online, researchers announced here Wednesday.
The researchers planned to detail the vulnerability in a demonstration at a computer-security conference, showing how to take complete control of a MacBook from Apple Computer Inc.
But researchers David Maynor and Johnny Ellch said the technique will work on an array of machines, including those that run Microsoft Corp.'s Windows and the free Linux operating system.
"The problem itself isn't really an Apple problem," said Maynor, a 28-year-old researcher at SecureWorks Inc., a network-monitoring company. "This is a systemic problem across the industry."
Maynor said the technique could be used to surreptitiously drop what is known as a "root kit" into laptops while they are being used in coffee shops, airports or other public venues. A root kit is a virtually undetectable program that criminals can use to do things such as log passwords and gain access to sensitive files.
A computer need not be connected to the Internet to be infected. All that's required is that it have certain wireless devices installed and that those devices be turned on.
Maynor said he and Ellch were not identifying the makers or models of wireless devices that are vulnerable, so that manufacturers have a leg up on criminals who might exploit the vulnerabilities.
Maynor said the MacBook used in the demonstration was not using the wireless gear that shipped with the computer.
"We did that so we're not singling out Apple," Maynor said.
Apple spokeswoman Lynn Fox declined to comment.