“A zero-day software vulnerability in the firmware of older Apple computers could be used to slip hard-to-remove malware onto a computer, according to a security researcher,” Jeremy Kirk reports for IDG News Service.
“Pedro Vilaca, who studies Mac security, wrote on his blog that the flaw he found builds on previous ones but this one could be far more dangerous. Apple officials could not be immediately reached for comment,” Kirk reports. “Vilaca found it was possible to tamper with an Apple computer’s UEFI (unified extensible firmware interface). UEFI is firmware designed to improve upon BIOS, which is low-level code that bridges a computer’s hardware and operating system at startup.”
“The UEFI code is typically sealed off from users. But Vilaca wrote that he found the code is unlocked after a computer goes to sleep and reawakens, allowing it to be modified. Apple computers made before mid-2014 appear to be vulnerable,” Kirk reports. “Vilaca wrote it is then possible to install a rootkit, a type of malware that is hard to remove and nearly undetectable by security products. The only defense is to not let the computer sleep and always shut it down, Vilaca wrote.”
MacDailyNews Take: Patch away, Apple!
Apple preparing to release ‘Thunderstrike’ patch for OS X – January 26, 2015
Apple secures Macs against ‘Thunderstrike’ attacks in OS X 10.10.2 – January 24, 2015
New proof-of-concept ‘Thunderstrike’ bootkit for OS X can permanently backdoor Macs – January 9, 2015
Macs vulnerable to virtually undetectable malware that ‘can’t be removed’, but physical access is required – January 12, 2015