UEFI flaw makes many Macs vulnerable

[JohnWick]

A newly discovered flaw has been found by a security researcher. It allows an attacker to install malware that can persist even after all data on the hard drive has been erased. The flaw modifies Apple’s UEFI (unified extensible firmware interface).
source: http://slashdot.org/submission/4490343/uefi-flaw-makes-many-macs-vulnerable

 

[lowendlinux]

Interesting

I wonder how long until there is a patch?

 

[tomvos]

That's a scary bug. If it really affects all EFI based Macs build before 2014 then Apple has a lot of new firmwares to build and test. Might take a while.

 

[ActionableMango]

I don't understand why this wouldn't be stopped by a simple router firewall, but there is so little detail in the article.

 

[Gav2k]

Why the hell post a link that causes iOS App Store redirects when there is a direct article link in that useless post!

http://www.bestvpnprovider.com/uefi-flaw-makes-many-macs-vulnerable/

 

[m4v3r1ck]

What's the use of the article, no further info's, BUT marketing for a provider?

Nevertheless Cheers!

 

[tomvos]

Some further explanation can be found in this article.

https://threatpost.com/firmware-bug-in-osx-could-allow-installation-of-low-level-rootkits/113076

“Anyone who has developed Thunderstrike like capabilities can exploit this bug right away with minimal effort. It’s more powerful than Thunderstrike because it allows remote attack vectors while Thunderstrike is mostly a local and physical attack to the target machines,”​

 

[TzunamiOSX]

https://reverse.put.as/2015/05/29/t...r-mac-firmware-security-is-completely-broken/

Tested with DarwinDumper (BIOS System log) and it looks like the MacPro 5,1 in not vulnerable. My MacBook 9,2 is vulnerable.

 

[m4v3r1ck]

Some further explanation can be found in this article.

https://threatpost.com/firmware-bug-in-osx-could-allow-installation-of-low-level-rootkits/113076

“Anyone who has developed Thunderstrike like capabilities can exploit this bug right away with minimal effort. It’s more powerful than Thunderstrike because it allows remote attack vectors while Thunderstrike is mostly a local and physical attack to the target machines,”​

Thanks @tomvos and @TzunamiOSX for the usefull link!

Proost!

 

[Amethyst]

Can we looking this as the way to overclock our macs?