EFI Stories June 2, 2015

A serious vulnerability in Macs more than a year old would allow an attacker to take permanent control of the machine, retaining control even if the user reinstals OS X or reformats the drive.

The vulnerability was discovered by security researcher Pedro Vilaca, who found a way to reflash the BIOS – code stored in flash memory, not on the drive. This means that the machine remains compromised even if the hard drive is physically replaced …  expand full story

EFI Stories December 30, 2014

A security researcher speaking at the Chaos Computer Congress in Hamburg demonstrated a hack that rewrites an Intel Mac’s firmware using a Thunderbolt device with attack code in an option ROM. Known as Thunderstrike, the proof of concept presented by Trammel Hudson infects the Apple Extensible Firmware Interface (EFI) in a way he claims cannot be detected, nor removed by reinstalling OS X.

Since the boot ROM is independent of the operating system, reinstallation of OS X will not remove it. Nor does it depend on anything stored on the disk, so replacing the harddrive has no effect. A hardware in-system-programming device is the only way to restore the stock firmware.

Apple has already implemented an intended fix in the latest Mac mini and iMac with Retina display, which Hudson says will soon be available for other Macs, but appears at this stage to provide only partial protection…  expand full story

EFI Stories July 22, 2014

Last week’s MacBook Air firmware update reportedly failing to install for some, leaving users with bricked machines

Apple released an EFI firmware update (version 2.9) for the mid-2011 MacBook Air last week to address problems the computer could have while waking from sleep, but recently users have started to report on the company’s support forum that the software was failing to install on their machines, and in some cases leaving them with completely non-functional computers, as first noted by MacRumors.

While some users report that their MacBook Airs shut down for several hours only to suddenly spring back to life, others claim that their machines still won’t startup. In other cases, users are finding that the Mac App Store prompts them to re-install the update over and over. So far there aren’t any reports of a successful resolution to the issue, even through AppleCare channels.

If you haven’t already installed the update, it may be best to sit this one out until Apple has fixed whatever problem seems to be plaguing users at the moment.

EFI Stories June 10, 2014

Apple issues MacBook Air EFI update to repair power, Thunderbolt/USB-related bugs

A day after it released an SMC update to address MacBook Air battery issues, Apple has issued an EFI update for the same mid-2013 and early-2014 models to address various other issues:

This update is recommended for MacBook Air (mid 2013 and early 2014) models.

This update improves reliability when waking from sleep and when booting while certain USB and Thunderbolt devices are connected.

This update also addresses a rare memory issue that may cause the system to randomly reboot, and an issue where the system may not properly sleep the built-in display when an external display is connected while running Windows using Boot Camp.

The update can be downloaded directly from Apple’s support website or it can be found via the Software Update tab in the Mac App Store.

EFI Stories September 14, 2011

After releasing an EFI firmware update for the MacBook Air earlier this week, Apple has released an EFI update for both the MacBook Pro and Mac mini this afternoon. The MacBook Pro update is version 2.2 and Mac mini version 1.3, fixing compatibility issues for the upcoming Thunderbolt Display and bringing numerous Lion fixes — and adding Lion Internet Recovery on the MacBook Pro.

Hit up Software Update on your Mac to get downloading. (via The Next Web)

Powered by WordPress.com VIP