New Sh1mmer ChromeBook exploit unenrolls managed devices

A new exploit called ‘Sh1mmer’ allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions.

When Chromebooks are enrolled with a school or an enterprise, they are managed by policies established by the organization’s administrators. This allows admins to force-install browser extensions, apps, and to restrict how a device can be used.

Read more…
Source: Bleeping Computer