Enlarge (credit: Autobahn)
An alarming number of Macs remain vulnerable to known exploits that completely undermine their security and are almost impossible to detect or fix even after receiving all security updates available from Apple, a comprehensive study released Friday has concluded.
The exposure results from known vulnerabilities that remain in the Extensible Firmware Interface, or EFI, which is the software located on a computer motherboard that runs first when a Mac is turned on.

EFI identifies what hardware components are available, starts those components up, and hands them over to the operating system. Over the past few years, Apple has released updates that patch a host of critical EFI vulnerabilities exploited by attacks known as Thunderstrike and ThunderStrike 2, as well as a recently disclosed CIA attack tool known as Sonic Screwdriver.
An analysis by security firm Duo Security of more than 73,000 Macs shows that a surprising number remained vulnerable to such attacks even though they received OS updates that were supposed to patch the EFI firmware. On average, 4.2 percent of the Macs analyzed ran EFI versions that were different from what was prescribed by the hardware model and OS version.

Forty-seven Mac models remained vulnerable to the original Thunderstrike, and 31 remained vulnerable to Thunderstrike 2.

At least 16 models received no EFI updates at all.

EFI updates for other models were inconsistently successful, with the 21.5-inch iMac released in late 2015 topping the list, with 43 percent of those sampled running the wrong version.
Read 10 remaining paragraphs

Leave a Reply