DisplayLink and macOS Security – Targus US

DisplayLink and macOS Security

- Posted in: Tech Talk
DisplayLink and macOS Security

Since macOS High Sierra 10.13.4, the operating system applies a stricter security policy to software that requires kernel extensions (KEXTs). The DisplayLink driver installation includes a system extension (DisplayLinkDriver.kext) that are affected by this policy. As a result of this change users now must explicitly enable this system extension after installing the DisplayLink driver and before the DisplayLink software is allowed to run. Users are prompted during the installation process for approval to install the DisplayLink KEXT. Additional information is available in these articles

Enabling the DisplayLink kernel extension does not pose a security risk to the operating system or disable system integrity protection (SIP).  The act of allowing the DisplayLink KEXT does not open any holes in macOS. The system stays protected and secure, as it only uses the operating systems’ standard way of allowing code to run next to the system’s KEXTs. Every KEXT has a digital signature. When installed, it allows a specific version of the driver to be run by the O/S – in this case, nothing else other than DisplayLink’s kernel extension is allowed.

Additionally, with macOS 10.14.5 the system requires notarization, which means that the DisplayLink digitally signed driver is additionally scanned by Apple’s automated systems that guarantees there’s no malicious content. That gives users another layer of protection and confidence that the driver is meeting all the security standards Apple has for kernel extensions (including using a hardened runtime).