Apple secures Macs against ‘Thunderstrike’ attacks in OS X 10.10.2

“”Thunderstrike” is the name for an attack that can target Mac hardware via the Thunderbolt port,” Rene Ritchie reports for iMore.

“Apple had previously updated the Retina 5K iMac and 2014 Mac mini to partially secure them against Thunderstrike,” Ritchie reports. “Now, the upcoming OS X Yosemite 10.10.2 will fix the problem for all recent Macs running Yosemite.”

“To secure against Thunderstrike, Apple had to change the code to not only prevent the Mac’s boot ROM from being replaced, but also to prevent it from being rolled back to a state where the attack would be possible again,” Ritchie reports. “According to people with access to the latest beta of OS X 10.10.2 who are familiar with Thunderstrike and how it works, that’s exactly the deep, layered process that’s been completed.”

Read more in the full article here.

MacDailyNews Take: The Mac just keeps getting more and more secure!

Related articles:
Macs vulnerable to virtually undetectable malware that ‘can’t be removed’, but physical access is required – January 12, 2015
New proof-of-concept ‘Thunderstrike’ bootkit for OS X can permanently backdoor Macs – January 9, 2015


  1. “The Mac just keeps getting more and more secure!”

    Well, that statement is just plain silly.

    Why is the article worded so funny? “The 5K iMac and 2014 mini were updated to partially secure them.” Does that mean they have different Thunderbolt hardware than everyone else, or was there a software update for them that no one has heard about, or is it something in their firmware? “10.10.2 will fix the problem for all recent Macs running Yosemite.” What about older Macs with Thunderbolt ports that came with Mavericks?

  2. I sincerely hope Apple release an accompanying Security Update for OSX 10.9 for those of us that don’t yet trust 10.10 enough to make that jump. I’d rather run the Thunderstrike risk than put up with a massively buggy system for daily use.

    1. I spend nine hours a day on Yosemite (running FCP X, some Photoshop, Audition, etc). Since the Mac was purchased (about a year and a half, two OSes ago), it has been shut down about half a dozen times altogether. Since Yosemite was installed, perhaps once or twice (when I was on vacation). At any time, there are at least 5 applications open, some with many windows/tabs.

      I have not noticed any degradation of performance or increase in buggy experience since upgrading to Yosemite. Your mileage may vary, but for very many of us who simply don’t have the need to post our positive experience, Yosemite has been perfectly fine and stable.

      1. My early 2011 MacBook Pro is also stable with Yosemite, but I’m not running it with minimal RAM and a full hard drive.
        FYI – I’ve recently upgraded to a 1TB SDD and 16GB RAM. This thing flies, it’s like a have a brand new Mac.

  3. I’m just happy Apple is somewhat fixing these issues quickly compared to their history! Hopefully they patch older systems as well, I have 300 clients running 10.8.5 still.

  4. I have to call this out is ‘iffy’ reporting. Much as I respect René Richie, this is the second time this week he has stuck his neck out far enough to potentially have his head lopped off. I hope he is 100% correct in his speculations as this would be GREAT!

    Hopefully, we’ll know the facts of these potential Apple patches this coming week.

    ∑ ≈ All the Google discovered and all the Thunderstrike vulnerabilities patched in 10.10.2.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.