Home » News » Apple Vulnerability allows Firmware Modification in Macs

Dated: 1st June, 2015

A zero day software vulnerability in the firmware of Apple computers make it possible to tamper with its Unified Extensible Firmware Interface (UEFI) . UEFI basically is a firmware designed to improve upon BIOS, which is low-level code that bridges a computer’s hardware and operating system at startup.

UEFI code is generally sealed off but it has been found that it is in the unlocked state when the computer gets on after a sleep. This vulnerability can be exploited to install a rootkit or malware into the system. Apple is yet to comment on this vulnerability.

Affected Systems
The attack was successfully tested on a MacBook Pro Retina, a MacBook Pro 8.2 and a MacBook Air, all running the latest EFI firmware available.

[1]. https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/