An alarming number of patched Macs remain vulnerable to stealthy firmware hacks

Channel:
Tech House
Subscribers:
958
Published on ● Video Link: https://www.youtube.com/watch?v=fej63_R7ZiM


Duration: 5:41
5 views
0

An alarming number of patched Macs remain vulnerable to stealthy firmware hacks.
An alarming number of Macs remain vulnerable to known exploits that completely undermine their security and are almost impossible to detect or fix even after receiving all security updates available from Apple, a comprehensive study released Friday has concluded.

Further ReadingWorld’s first (known) bootkit for OS X can permanently backdoor MacsThe exposure results from known vulnerabilities that remain in the Extensible Firmware Interface, or EFI, which is the software located on a computer motherboard that runs first when a Mac is turned on. EFI identifies what hardware components are available, starts those components up, and hands them over to the operating system. Over the past few years, Apple has released updates that patch a host of critical EFI vulnerabilities exploited by attacks known as Thunderstrike and ThunderStrike 2, as well as a recently disclosed CIA attack tool known as Sonic Screwdriver.

An analysis by security firm Duo Security of more than 73,000 Macs shows that a surprising number remained vulnerable to such attacks even though they received OS updates that were supposed to patch the EFI firmware. On average, 4.2 percent of the Macs analyzed ran EFI versions that were different from what was prescribed by the hardware model and OS version. Forty-seven Mac models remained vulnerable to the original Thunderstrike, and 31 remained vulnerable to Thunderstrike 2. At least 16 models received no EFI updates at all. EFI updates for other models were inconsistently successful, with the 21.5-inch iMac released in late 2015 topping the list, with 43 percent of those sampled running the wrong version.



Other Videos By Tech House


2017-10-28Assassin's Creed Origins review in progress Climb like an Egyptian
2017-10-28BrandPost Why Gamers and Critics Love the Alienware 15
2017-10-28Roku Ultra 2017 review Stuck in the middle
2017-10-28Destiny 2 PC requirements and graphics performance guide
2017-10-28Elon Musk shared a Boring photo of his company's Los Angeles tunnel
2017-10-28Microsoft 1Q18 Office 365 is booming, Azure continues to climb
2017-10-28Zenefits founder Parker Conrad will pay $500,000 to settle SEC charges alleging he misled
2017-10-28Worst Phone Launches of All Time
2017-10-28First iPhone X batch reportedly only contains 46,500 units
2017-10-28Apple reveals new emojis coming with iOS 11 1, including “I love you” hand sign
2017-10-28An alarming number of patched Macs remain vulnerable to stealthy firmware hacks
2017-10-28LG G6 Now Just $399, But Here's the Catch
2017-10-28Super Mario Odyssey Review Roundup Practically Perfect
2017-10-28Apple's Online Store Down Ahead of iPhone X Pre Orders
2017-10-28Are Free VPN Apps Worth the Risk Experts Say 'No'
2017-10-28Here's how to prepare for you financial future if you work in the gig economy
2017-10-28The most expensive Airbnb in San Francisco is this 10 bedroom Victorian mansion that costs
2017-10-28There's a sprawling college building in Utah where 400 students live, sleep, and study to be
2017-10-28$GOOG Analysis Google's rapidly narrowing future
2017-10-28Join us at IGNITION Future of Media!
2017-10-28Government cancer screening register delayed again Labor


Tags:
An alarming
number of patched Macs remain vulnerable to stealthy firmware hacks
An alarming number of patched Macs remain vulnerable to stealthy firmware hacks