Skip to main content
  1. Home
  2. Computing
  3. News

Report reveals vulnerabilities in Mac firmware affecting thousands of computers

Eric Brackett
By

refurbished apple product deals Refurbished 13.3 inch MacBook Air
A team of researchers at Duo Security revealed that there are some issues with Apple’s application of firmware updates, which has resulted in some users being left with out of date EFI firmware.

The researchers analyzed 73,000 Mac devices and found that Apple’s security updating process was not working as the company intended. They found that a little over four percent of those computers were running with outdated Apple firmware, despite having received recent updates. Duo’s report didn’t give the exact cause of the problem, but simply noted that for “some reason” the EFI firmware was not being updated when the computers in question received security or OS updates.

Firmware is the software which runs underneath the OS and controls the computer when it is booting up. Security issues within firmware can be difficult to notice, which often makes it a target for more advanced hackers. Duo noted that average home users have little reason for concern, due to the fact that the complexity of firmware attacks usually relegates hackers to target enterprises and other valuable entities.

Related

“If you’re a home user with a Mac that falls into one of the above categories as their personal computing device, then the sky isn’t falling for you, in our opinion,” Duo said. “Attacks against EFI have so far been part of the toolkit used by sophisticated adversaries who have specific high value targets in their sights.”

Duo did caution that enterprise users should take some extra precautions. In addition to ensuring that all their Macs ran the latest version of Mac OS, the security company advised phasing out, or at least isolating, those computers which were not eligible for the most recent security updates.

For its part, Apple has worked to improve its firmware and patch security vulnerabilities as they arise.

“We appreciate Duo’s work on this industry-wide issue and noting Apple’s leading approach to this challenge,” an Apple spokesperson told Gizmodo. “Apple continues to work diligently in the area of firmware security and we’re always exploring ways to make our systems even more secure. In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly.”

Editors' Recommendations

Topics
The best password managers for 2023
have i been pwned owner uncovers 13 million plaintext passwords leaked from free webhost is a safe password even possible we
Character.AI: how to use this entertaining ChatGPT alternative
Character_ai public room
Microsoft just scored a big win with Apple
Apple TV preview for the Microsoft App Store.
This ChatGPT scam duped thousands of people into downloading fake app
ChatGPT and OpenAI logos.
The best Lenovo laptops for 2023
Lenovo ThinkPad X1 Carbon (2018) review
Here’s why people are saying to avoid the entry-level M2 Pro MacBook Pro
A person sitting in a vehicle using a MacBook Pro on their lap.
The best Chromebook for students for 2023
ASUS Chromebook Flip C214 sitting on a desk in a classroom.
The best VR headset might be one you’ve never heard of
Alan Truly turns toward the camera, wearing the Varjo Aero VR headset.
Why you need to order LG’s 240Hz OLED gaming monitor
The LG pre-release image for the 45-inch UltraGear OLED curved gaming monitor WQHD
2 ways the new MacBook Pro may be worse than the 2021 model
Apple MacBook Pro seen from the side.
Hackers dug deep in the massive LastPass security breach
The LastPass logo appears in front of a menacing hooded figure.
HP Dragonfly Pro vs. Apple MacBook Pro 14: a solid alternative?
The HP Dragonfly Pro Support app.
I can’t believe I’m recommending Forspoken on PS5 over PC
Frey using magic in Forspoken.