Skip to main content

Mac vulnerability

See All Stories

Nasty Mac vulnerability allows remote attack, survives OS X reinstallation & even drive format

Site default logo image

bios

A serious vulnerability in Macs more than a year old would allow an attacker to take permanent control of the machine, retaining control even if the user reinstals OS X or reformats the drive.

The vulnerability was discovered by security researcher Pedro Vilaca, who found a way to reflash the BIOS – code stored in flash memory, not on the drive. This means that the machine remains compromised even if the hard drive is physically replaced … 
Expand
Expanding
Close

Security researcher rewrites Mac firmware over Thunderbolt, says most Intel Thunderbolt Macs vulnerable

Site default logo image

firmware

A security researcher speaking at the Chaos Computer Congress in Hamburg demonstrated a hack that rewrites an Intel Mac’s firmware using a Thunderbolt device with attack code in an option ROM. Known as Thunderstrike, the proof of concept presented by Trammel Hudson infects the Apple Extensible Firmware Interface (EFI) in a way he claims cannot be detected, nor removed by reinstalling OS X.

Since the boot ROM is independent of the operating system, reinstallation of OS X will not remove it. Nor does it depend on anything stored on the disk, so replacing the harddrive has no effect. A hardware in-system-programming device is the only way to restore the stock firmware.

Apple has already implemented an intended fix in the latest Mac mini and iMac with Retina display, which Hudson says will soon be available for other Macs, but appears at this stage to provide only partial protection… 
Expand
Expanding
Close