Report reveals vulnerabilities in Mac firmware affecting thousands of computers

refurbished apple product deals Refurbished 13.3 inch MacBook Air
A team of researchers at Duo Security revealed that there are some issues with Apple’s application of firmware updates, which has resulted in some users being left with out of date EFI firmware.

The researchers analyzed 73,000 Mac devices and found that Apple’s security updating process was not working as the company intended. They found that a little over four percent of those computers were running with outdated Apple firmware, despite having received recent updates. Duo’s report didn’t give the exact cause of the problem, but simply noted that for “some reason” the EFI firmware was not being updated when the computers in question received security or OS updates.

Firmware is the software which runs underneath the OS and controls the computer when it is booting up. Security issues within firmware can be difficult to notice, which often makes it a target for more advanced hackers. Duo noted that average home users have little reason for concern, due to the fact that the complexity of firmware attacks usually relegates hackers to target enterprises and other valuable entities.

“If you’re a home user with a Mac that falls into one of the above categories as their personal computing device, then the sky isn’t falling for you, in our opinion,” Duo said. “Attacks against EFI have so far been part of the toolkit used by sophisticated adversaries who have specific high value targets in their sights.”

Duo did caution that enterprise users should take some extra precautions. In addition to ensuring that all their Macs ran the latest version of Mac OS, the security company advised phasing out, or at least isolating, those computers which were not eligible for the most recent security updates.

For its part, Apple has worked to improve its firmware and patch security vulnerabilities as they arise.

“We appreciate Duo’s work on this industry-wide issue and noting Apple’s leading approach to this challenge,” an Apple spokesperson told Gizmodo. “Apple continues to work diligently in the area of firmware security and we’re always exploring ways to make our systems even more secure. In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly.”

Product Review

Sleek and expensive, the Apple TV 4K will still delight the Apple faithful

Is Apple’s latest streaming set-top box a revolution, or too little too late? Find out in our Apple TV 4K review, and learn how this device wins in some big categories, but falters in others.
Gaming

How you can give your PS4 a fresh start with a factory reset

Learn the many ways you can factory reset your PS4. From reverting your settings to factory to doing a full wipe and reinstalling the latest PlayStation firmware, we cover it all here, step by step.
Computing

Potentially malicious WinRAR vulnerability patched after almost 20 years

WinRAR, a piece of Windows software for managing archival formats, has been harboring a vulnerability for nearly two decades, potentially allowing malicious software to insert items into a computer's startup folder without user permission.
Health & Fitness

Nike’s Android app is bricking its $350 Adapt BB self-lacing shoes

A firmware update for Nike's new self-lacing Adapt BB shoe appears to be bricking the $350 footwear for some owners. Android users have said the Nike app no longer pairs with the shoe, rendering the tightening mechanism useless.
Deals

Amazon cuts prices on the Apple Watch Series 3 for Presidents’ Day

The Apple Watch Series 3 is seeing the same price cut we saw during the Amazon sale just last week. So if you're hoping to pick up an Apple Watch for less than $250, this $50 discount from Amazon can make that happen for you.
Deals

It’s time to check out the best Apple Watch deals for February 2019

The Apple Watch has surged to prominence in recent years. If you're in the market for an iOS wearable, we've sniffed out the best Apple Watch deals available right now for all three models of this great smartwatch.
Deals

Apple brings back the iPhone SE with a $100 clearance discount included

Apple is offering the iPhone SE on their online clearance store once again. With discounts of $100, you can get a brand new unlocked iPhone SE for as little as $249. This offer is only available while supplies last.
Deals

Need a new tablet? Here are the best iPad deals for February 2019

In the wide world of tablets, Apple is still the king. If you're on team Apple and just can't live without iOS, we've curated an up-to-date list of all of the best iPad deals currently available for December 2018.
Computing

Chrome is a fantastic browser, but is is still the best among new competitors?

Choosing a web browser for surfing the web can be tough with all the great options available. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most users.
Deals

Looking to upgrade? These are the best iPhone deals for February 2019

Apple devices can get expensive, but if you just can't live without iOS, don't despair: We've curated an up-to-date list of all of the absolute best iPhone deals available for February 2019.
Deals

From Air to Pro, here are the best MacBook deals for February 2019

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.
Mobile

Apple stomps on one FaceTime bug, only to have another one appear

Having fixed a FaceTime bug that let users eavesdrop on calls, another issue with Apple's video chat app appears to have surfaced. It concerns adding people to group calls, though there is a workaround.
Mobile

With Galaxy S10e, Samsung unapologetically rips a page out of Apple’s playbook

Samsung's Galaxy S10e -- a new entry in the Galaxy S-series -- has a few things in common with Apple's lower-cost iPhone XR. From the price tag to the color, we take a look atthe similarities.
Deals

Protect your iPhone or iPad with the IPVanish VPN, on sale through February

One of our favorite virtual private networks for iPhones and iPads, IPVanish, is now offering a huge discount on its two-year subscription as part of its 7th-birthday promotion. Read on to find out more about how this VPN works and how you…