Macs Vulnerable to Firmware Attacks Like 'Thunderstrike', Says Duo Security

Macs Vulnerable to Firmware Attacks Like 'Thunderstrike', Says Duo Security

Apple Mac computers are being exposed to security risks because core software is outdated, research suggests. But, by looking at what EFI updates Apple has released, and then correlating that with a review of over 73,000 Macs running in the real world, they found many systems were not running the latest EFI, even though it's made available through Apple's update services. "In a nutshell", they write, "this means that attacking at the EFI layer means that you exert control of a system at a level that allows you to circumvent security controls put in place at higher levels, including the security mechanisms of the OS and applications".

Out of 54,000 Apple computers 4.2% machines had unexpected versions of extensible firmware interface.

In most cases, firmware is a hassle to update with the latest security patches.

Further analysis of Apple's updates also highlighted what seems to be the erroneous inclusion of 43 versions of EFI binaries in the 2017-001 security updates for 10.10 and 10.11 that were older than the versions of EFI binaries that were released in the previous updates 2016-003 (10.11) and 2016-007 (10.10). Some 31 models capable of the same did not have an EFI firmware patch addressing the remote version of the Thunderstrike 2 flaw. But unlike an OS update failure, an EFI update failure does not send any warning to the user. Here is what the paper says: "At least 16 models received no EFI updates at all".

"Firmware is an often overlooked yet vital component of a system's security structure", said Rich Smith, Duo director of research and development. "We are confident Apple is making significant efforts to increase the security of their EFI environment, and look forward to continuing our research to include the newest OS - High Sierra".

The firmware discrepancies appear to affect different models of Mac computers to varying degrees. The computers tested were receiving software updates, and Apple has been bundling software and firmware updates since 2015. The researchers describe the problem as "software secure, firmware insecure".

"Apple continues to work diligently in the area of firmware security and we're always exploring ways to make our systems even more secure", it said. "In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly".

Cricketer Ajinkya Rahane comes out in support of 'Swachh Bharat Abhiyan'
He also said that the role of the media and civil society in supporting this thought revolution has been appreciable. However, only 16 % people said that local bodies have conducted any drive for awareness on cleanliness.

October is Domestic Violence Awareness Month
October is Domestic Violence Awareness Month and a north country agency is trying to spark conversation about it. Jenks. "Today, we renew our commitment to educating our community, in an effort to break the cycle of violence".

Sturridge has gone downhill since Suarez left Liverpool, says Carragher
Jamie Carragher and Graeme Souness take a look at Liverpool's defending as Newcastle scored their equalising goal on Sunday. Sturridge has remained rooted to the bench, with manager Jurgen Klopp withholding his faith in the player.

But part of the firmware security gap could be the fault of BOFHs rather than Apple.

KitGuru Says: Apple tends to be very diligent when it comes to user security. Updates have to be carried out separately from the operating system updates that are more commonplace.

People with out-of-date EFI versions should know that pre-boot firmware exploits are now considered to be on the bleeding edge of computer attacks. Forty-three percent of those computers sampled were running the wrong firmware.

Such malware is expensive and in most cases, only nation-state cyberspies can afford to develop and use it. An attack of this kind is even more hard to fix.

But Windows users shouldn't be complacent.

Without those updates, affected Macs could be "vulnerable to a variety of known public EFI security issues", they added. In total, 4.2 percent of the tested Macs were insecure.

Related Articles

  • VJacqueline Fernandez outshines Taapsee Pannu in 'Judwaa 2'

    VJacqueline Fernandez outshines Taapsee Pannu in 'Judwaa 2'

    However, despite this the holiday mood among the audience propelled the film's collections during the morning and afternoon shows. The birthday of Mahatma Gandhi became lucky for Judwaa 2 producers as the first weekday too turned out to be a good earning day.
    Hammond throws down gauntlet to Corbyn and says 'bring it on'

    Hammond throws down gauntlet to Corbyn and says 'bring it on'

    Hammond insisted the British people "didn't vote to get poorer or to reduce trade with our closest neighbours and biggest trading partners".
    Vegas concert star called a 'coward'

    Vegas concert star called a 'coward'

    COUNTRY superstar Jason Aldean has been trolled for leaving the stage after shots were fired during his concert in Las Vegas. A gunman is believed to have opened fire from the upper floors of the Mandalay Bay Hotel and Casino.
  • Marcus Rashford relishing competition with Manchester United team-mate Anthony Martial

    Marcus Rashford relishing competition with Manchester United team-mate Anthony Martial

    England global Marcus Rashford has been one of the key men under Mourinho's reign at United. Obviously he's worked with the Under-21s before - he knows how to deal with young players".
    Amit Shah flags off Janaraksha Yatra in Kerala

    Amit Shah flags off Janaraksha Yatra in Kerala

    Shah was received by temple authorities. "We will use democratic means to answer its violence", he said. Shah is likely to be in Kerala for three days and expected to join the march in at least three places.

    Vipshop Holdings Limited (NYSE:VIPS) Downgraded by BidaskClub

    The Firm operates through three divisions: Health, Hygiene & Specialties, Consumer Packaging, and Engineered Materials. JP Morgan reinitiated Vipshop Holdings Ltd - ADR (NYSE: VIPS ) on Wednesday, August 31 with "Neutral" rating.
  • Gas prices in Rhode Island down 3 cents this week

    Gas prices in Rhode Island down 3 cents this week

    The average price of gas in Rhode Island is down by three cents this week, while in MA it's fallen by two cents. Gas in the New Haven area is also cheaper than in Waterbury, where the average fuel price is $2.75 per gallon.

    Horner confident in Red Bull speed

    Vettel , meanwhile, was handed a 20-place grid penalty after Ferrari made several component changes to his engine before the race. His Ferrari team-mate, Kimi Raikkonen , was not able to take the start, in spite of the fact that he was leaving the second rank.
    Ancelotti tranquillizza Montella:

    Ancelotti tranquillizza Montella: "Milan? Starò fermo per i prossimi 10 mesi"

    La posizione di Vincenzo Montella appare sempre più in bilico, soprattutto alla luce della sconfitta di stasera contro la Roma . Ricordiamo che il tecnico di Reggiolo è stato esonerato lo scorso 28 Settembre dopo un pesante avvio di stagione.
  • We deserved to lose against India: Australia captain Smith

    We deserved to lose against India: Australia captain Smith

    Rohit and captain Virat Kohli kept the runs flowing with a 99-run stand, during which Rohit sailed past his hundred. Smith was less than impressed with his side's performance, and said: "Probably around a 300 wicket , I think".
    My Proudest Moment - Tottenham's Harry Winks Thrilled With England Call

    My Proudest Moment - Tottenham's Harry Winks Thrilled With England Call

    Winks was solid on Saturday during Tottenham's 4-0 win at Huddersfield Town, which was his third 90 minutes of the season. According to the Guardian , members of Aslef have planned a walkout starting midnight on Thursday.
    Skipping breakfast can enlarge your waist!

    Skipping breakfast can enlarge your waist!

    Researchers have said skipping breakfast may possibly increase the likelihood of heart disease . Experts said the findings prove breakfast really is the most important meal of the day .