Many Macs vulnerable to firmware attacks

Researchers at Duo Labs analysed over 73,000 Mac systems and found that despite they had the latest software updates installed, they had outdated firmware. This means that many popular Mac models are vulnerable to sophisticated attacks and malicious firmware vulnerabilities.

"This creates the situation where admins and users have installed the latest OS or security update, but for some reason, the EFI was not updated. Compounding this issue is the lack of notifications provided to the user to inform them that they are running an unexpected version of EFI firmware. This means that users and admins are often blind to the fact that their system's EFI may continue to be vulnerable."

Apple is working to improve the factors behind this situation; it's still not publicly known whether this is a process or visibility problem on Apple's end, or how the company intends to address this.

"We appreciate Duo's work on this industry-wide issue and noting Apple's leading approach to this challenge," Apple told Threatpost. "Apple continues to work diligently in the area of firmware security and we're always exploring ways to make our systems even more secure. In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly."

Read more -here-

• Microsoft is laying off as many as 9,000 employees
• NASA will start livestreaming content on Netflix later this summer
• The government's Apple antitrust lawsuit is still on
• Millions of printers open to hacks due to unpatchable security flaw
• Microsoft to retire the Blue Screen of Death for a Black Void
• Google rolls out Street View time travel to celebrate 20 years of Google Earth