New Exploit Lets Attackers Control Macs Even After They Are Formatted

New Exploit Lets Attackers Control Macs Even After They Are Formatted

Posted by · 10993 views · Translate

Macs older than one year are vulnerable to an exploit that can overwrite a machine's firmware, letting attackers control devices even after they are formatted or restored.

The vulnerability, discovered by OS X Security researcher Pedro Vilaca, target a machine's BIOS after it wakes from sleep. Normally, protection known as FLOCKDN, would prevent any apps write access to the BIOS region, but for some reason, the FLOCKDN protection is inactive after a Mac wakes from sleep. That leaves the operating system open to apps to reflash the BIOS and modify the extensive firmware interface (EFI).

"The bug can be used with a Safari or other remote vector to install an EFI rootkit without physical access," Vilaca said in his blog post. "The only requirement is that a suspended happened in the current session. I haven’t researched but you could probably force the suspend and trigger this, all remotely. That’s pretty epic ownage ;-)."

One installed, the malicious code would be very difficult to detect or delete, as reformatting or reinstalling the OS would do nothing since that does not reflash the BIOS. Unfortunately, there is not much users of vulnerable Macs can do to prevent the exploit until Apple releases a fix.

While Vilaca noted how serious this bug is, he did say that in theory, there is not too much to worry about. The bug is more likely to be applied as a targeted attack versus mass exploitation. Vilaca tested the bug on a MacBook Pro Retina, a MacBook Pro 8.2 and a MacBook Air, all running the latest available EFI firmware from Apple.

All Macs released since mid to late 2014 are not affected by this vulnerability, but Vilaca said he was not sure if Apple silently patched it or fixed it accidentally.

Read More via ArsTechnica

New Exploit Lets Attackers Control Macs Even After They Are Formatted

Exploit THIS!! - June 4, 2015 at 8:35am
Like the one guy said, the most widely used OS will have the most viruses, malware, spyware...etc. That's just a common sense, basic fact. Anyone who honestly thinks that you have less of a chance getting a virus/malware/spyware/rootkit...etc on ANY Windows machine is completely retarded. I won't even go into bloatware, BSOD's, and the overall crappiness and user unfriendliness of Windows. OS X is a winner by not a factor of miles, but rather LIGHT YEARS!!!!
Sir Psycho Sexy - June 4, 2015 at 8:43am
Well said, dude. If you want ease of use and a machine that does what you want it to do when you want it to do it, and just plain works like it's supposed to, then get a Mac. If you want to curse your machine, pull your hair out and bang your fists...then buy a Windows machine. The choice is yours!!!
Nat - June 4, 2015 at 11:55am
You can't believe how many times I had to be fed up with it. I used it more because when I was a kid, I only knew windows back then because that's all my family had. I wish I realized was sooner how much of an effort OSX was made so I wouldn't be caught up in bsod anymore. No matter how many times I got rid of it, it kept coming back every other minute. The only way to fix it after it stopped and forced me into safe mode from there was to erase the storage. No joke!
Headbanger - June 4, 2015 at 2:07am
Everything before 2014 is outdated...everyone rush to the nearest Apple Store to upgrade your machines. This guy has to work for Apple
Macjorge - June 3, 2015 at 1:45pm
Mac the best system ? Never hear something like this on windows since msdos l days, mac was secure when only less than 3% of market use it when they reach the 5% the virus appears, the truth is that not is more secure than windows.
7 More Comments