Security firm finds some Macs vulnerable to 'firmware'
attacks
Send a link to a friend
[September 30, 2017]
By Stephen Nellis
(Reuters) - Since 2015, Apple Inc <AAPL.O>
has tried to protect its Mac line of computers from a form of hacking
that is extremely hard to detect, but it has not been entirely
successful in getting the fixes to its customers, according to research
released on Friday by Duo Security.
Duo examined what is known as firmware in the Mac computers. Firmware is
an in-built kind of software that is even more basic than an operating
system like Microsoft Windows or macOS.
When a computer is first powered on -- before the operating system has
even booted up -- firmware checks to make sure that basic components
like a hard disk and processor are present and tells them what to do.
That makes malicious code hiding in it hard to spot.
In most cases, firmware is a hassle to update with the latest security
patches. Updates have to be carried out separately from the operating
system updates that are more commonplace.
In 2015, Apple started bundling firmware updates along with operating
system updates for Mac machines in an effort to ensure firmware on them
stayed up to date.
But Duo surveyed 73,000 Mac computers operating in the real world and
found that 4.2 percent of them were not running the firmware they should
have been based on their operating system. In some models - such as the
21.5-inch iMac released in late 2015 - 43 percent of machines had
out-of-date firmware.
[to top of second column] |
Apple CEO Tim Cook speaks under a graphic of the new MacBook Pro
during an Apple media event in Cupertino, California, U.S. October
27, 2016. REUTERS/Beck Diefenbach
That left many Macs open to hacks like the "Thunderstrike" attack, where hackers
can control a Mac after plugging an Ethernet adapter into the machine's
so-called thunderbolt port.
Paradoxically, it was only possible to find the potentially vulnerable machines
because Apple is the only computer maker that has sought to make firmware
updates part of its regular software updates, making it both more trackable and
the best in the industry for firmware updates, Rich Smith, director of research
and development at Duo, told Reuters in an interview.
Duo said that it had informed Apple of its findings before making them public on
Friday. In a statement, Apple said it was aware of the issue and is moving to
address it.
"Apple continues to work diligently in the area of firmware security, and we’re
always exploring ways to make our systems even more secure," the company said in
a statement. "In order to provide a safer and more secure experience in this
area, macOS High Sierra automatically validates Mac firmware weekly.”
(Reporting by Stephen Nellis; Editing by Leslie Adler)
[© 2017 Thomson Reuters. All rights
reserved.] Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
