Monday, 8 June 2015

Symantec Confirms Firmware Flaw In Mac Computers

Symantec has confirmed that there is indeed a vulnerability in the firmware of most Mac computers exists that an attacker could install a rootkit to gain persistent root access to the computer. This week, researcher Pedro Vilaca revealed the vulnerability of the EFI firmware.

The problem, which is not present in the latest models of Apple, occurs when the computer wakes from its hibernation, allowing a user to access the firmware. The vulnerability can be used both locally and over the internet. For this last attack, however, would an attacker must have a second vulnerability that provides root access. "Although these vulnerabilities is not widespread, they come from time to time or for", says Symantec .

The anti-virus company says that it is a critical vulnerability, as it may give an attacker root access persistent even erasing the hard drive or it can survive reinstallation of the operating system. Symantec notes that no attacks have been observed in the wild yet, but warns that the risk of seizures increases as the news about the leak from spreading.

Until an update is available, users who think risking the advice to use their computer completely off instead of sleep mode. In addition, it is advisable to keep all the software completely up-to-date, since there is a second leak is necessary in order to attack the vulnerability firmware over the internet. The vulnerability has been confirmed in the Mac Mini 5.1, MacBook Pro 8.2, 9.1 and 9.2, 10.1 Retina MacBook Pro and MacBook Air 5.1. MacBook Pro and MacBook Air 11.3 6.2 would not be vulnerable.

No comments:

Post a Comment