An alarming number of Macs remain vulnerable to stealthy firmware hacks
But part of the firmware security gap could be the fault of BOFHs rather than Apple. That is a scary thought, considering that attacks at the firmware level are especially nasty: not only are they hard to detect, they run at a deep level and can persist even after nuking the storage device and clean-installing the OS.
Mac systems have used EFI since 2006, but an analysis of more than 73,000 Mac systems by Duo Labs, the research arm of Duo Security, finds that in many cases the EFI is not receiving security updates, leaving users vulnerable to attacks. Malicious code that is able to hide in firmware is harder to detect than malware that might exist in the OS.
The researchers said the security support provided for EFI firmware depends on the hardware model of the Mac. “Some Macs have received regular EFI updates, some have only been updated after particular vulnerabilities have been discovered, others have never seen an update to their EFI.”
The EFI firmware of a computer is responsible for booting and controlling the functions of hardware devices and systems, helping the machine get from powering up to booting the operating system. Since then, Apple has been pretty good about including EFI (Extensible Firmware Interface) updates with its macOS security and software updates, though new evidence suggests it is not nearly enough. This can leave these systems software secure but firmware vulnerable.