UEFI - Unified Extensible Firmware Interface — is what the Mac uses to boot from firmware and into the OS X operating system. If you're familiar with BIOS, then this replaced that. At the Chaos Communication Congress (CCC) in 2014, a presentation showed how a vulnerability in the boot script table could be used to rewrite the firmware when a Mac wakes after being in sleep mode. As usual, it's something to be informed about, but for the vast majority of people, nothing to panic about. According to Reverse Engineering Mac OS:
As a general user you shouldn't, in theory, be much worried with this bug more than you were with Thunderstrike. This is a bug more interesting to attack targeted users than mass exploitation, although a drive-by exploit is definitely feasible.
For anyone to exploit the vulnerability, they need already to have root access to your Mac, and the ability to issue commands as root. And if that's the case, the remote access itself would be your most pressing concern. In other words, it needs the back window to be unlocked before it can get in and chain itself to the furnace.
Macs manufactured after mid-2014 appear not to be affected. Given the nature of the exploit and the attention it's getting, I expect Apple will be issuing a patch for affected systems as soon as possible.
If you think you may be targeted, you can mitigate the risk by running as a standard user rather than as an admin. If you have to run as admin, disable sleep and shut down your Mac when you're done with it instead. You can do that in System Preferences > Energy Savings.
Also, remember to practice safe surfing. Most attacks begin with phishing — bogus messages that try to con you into clicking on malware links — or social engineering — attempts to trick you into handing over your password.
For expert users, the following test procedure is also detailed:
Downloading DarwinDumper and load the DirectHW.kext kernel extension. Then you can use flashrom with "flashrom -r biosdump -V -p internal" to dump the bios and show the register contents. Else you can compile yourself DirectHW.kext and also flashrom. DarwinDumper just works out of the box and its kext appears to be legit (it's on Apple exclusion list so at least Apple trusts it ;-)).
Apple continues to work on new ways to improve security. Recent examples include the Mac App Store, Gatekeeper, and Sandboxing. Hopefully, we'll see and hear even more about the company's plans for OS X security at WWDC 2015, which kicks off June 8.
Nick Arnott contributed to this article.
We may earn a commission for purchases using our links. Learn more.
FAQ: TikTok & WeChat ban — why it’s happening and what it means for you
Are TikTok and WeChat really being banned? When does all of this take effect? Will I still be able to use these apps? All this and more answered in our FAQ regarding the latest U.S. orders.
Plan your day with Hour Blocks and its amazing iOS 14 Home screen widgets
Planning your day is no fun but sometimes you find an app that goes some way to making it less boring. Hour Blocks does a decent job and it looks lovely, too.
Scribble Together gets the coolest iOS 14 App Clip we've seen so far
Scribble Together has released its new App Clip for Scribble Together, which will allow users to collaborate on a Scribble Together whiteboard even if they don't have the app.
These HomeKit cameras work with iOS14's Face Recognition and Activity Zones
iOS 14 brings some powerful new capabilities to HomeKit Secure Video-enabled cameras like Face Recognition and Activity Zones. Here's all of the cameras and doorbells that support the latest and greatest HomeKit features.