Millions of Up-to-Date Apple Macs Remain Vulnerable to EFI Firmware Hacks
Sep 29, 2017
" Always keep your operating system and software up-to-date ." This is one of the most popular and critical advice that every security expert strongly suggests you to follow to prevent yourself from major cyber attacks. However, even if you attempt to install every damn software update that lands to your system, there is a good chance of your computer remaining outdated and vulnerable. Researchers from security firm Duo Labs analysed over 73,000 Macs systems and discovered that a surprising number of Apple Mac computers either fails to install patches for EFI firmware vulnerabilities or doesn't receive any update at all. Apple uses Intel-designed Extensible Firmware Interface (EFI) for Mac computers that work at a lower level than a computer's OS and hypervisors—and controls the boot process. EFI runs before macOS boots up and has higher-level privileges that, if exploited by attackers, could allow EFI malware to control everything without being detecte