New Mac Exploit Leaves Users Dangerously Vulnerable To Remote Access

Ramish Zafar
Posted 1 year ago

Apple’s operating systems, whose closed nature is justified through claims of better security, do end up faring better than others when it comes to viruses and vulnerabilities. While vulnerabilities in Apple operating systems, OS X or iOS, are not that common, they do occur, and more often than not end up having serious repercussions. Another such vulnerability has been discovered by researcher Pedro Vilaca, and it can enable a hacker to take complete control of your Mac.


Mac Vulnerability Can Allow Attackers To Remotely Control Your Computer

All Macs shipped before the second half of 2014 are vulnerable to an all-new BIOS exploit discovered by researcher Pedro Vilaca. By using vulnerabilities already present in web browsers, attackers can install malicious code on Macs that will not be removed even if you format your hard drive or reinstall your operating system. Not only will this exploit give an attacker low-level control of your Mac, but unlike last year’s Thunderstrike vulnerability, it doesn’t require an attacker to physically access your Mac either.

Attackers in any part of the world will be able to remotely take control of your Mac and wreak havoc. The vulnerability arises because your Mac’s FLOCKDN protection, which prevents write access to BIOS data, is deactivated once the device wakes up from sleep mode. This allows attackers to modify its EFI firmware and make changes to the machine’s code. “The bug can be used with a Safari or other remote vector to install an EFI rootkit without physical access,” writes Vilaca. “The only requirement is that a suspend happened, in the current session. I haven’t researched but you could probably force the suspend and trigger this, all remotely. That’s pretty epic ownage ;-).”
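As an added illustration (not code from Vilaca or from the article), the defensive check implied above can be expressed as a comparison of flash-controller lock state before and after sleep. The register layout is an assumption taken from Intel's SPI controller documentation (FLOCKDN as bit 15 of HSFS, write-protect enable as bit 31 of each protected-range register), and the snapshot values are constructed; real values would come from a firmware inspection tool.

```python
# Added example: constructed register snapshots, not values read from a real Mac.
# Assumed layout (Intel PCH SPI controller, not stated on this page):
#   HSFS  - 16-bit status register, bit 15 = FLOCKDN (configuration lock-down)
#   PRn   - 32-bit protected-range registers, bit 31 = write-protect enable
from dataclasses import dataclass

HSFS_FLOCKDN = 1 << 15
PR_WRITE_PROTECT = 1 << 31


@dataclass
class SpiSnapshot:
    label: str
    hsfs: int
    protected_ranges: tuple


def flash_lock_findings(snap):
    """Return the flash write protections that are missing in one snapshot."""
    findings = []
    if not snap.hsfs & HSFS_FLOCKDN:
        findings.append("FLOCKDN clear: flash configuration is not locked down")
    if not any(pr & PR_WRITE_PROTECT for pr in snap.protected_ranges):
        findings.append("no protected range has write protection enabled")
    return findings


def compare_across_sleep(before, after):
    """Report protections that were present at boot but are gone after resume."""
    baseline = flash_lock_findings(before)
    lost = [f for f in flash_lock_findings(after) if f not in baseline]
    return {"regressed": bool(lost), "lost": lost}


# Constructed sample data: locked after cold boot, unlocked after a sleep cycle.
COLD_BOOT = SpiSnapshot("cold boot", 0xE008, (0x86FF0600, 0, 0, 0, 0))
AFTER_RESUME = SpiSnapshot("after resume", 0x6008, (0, 0, 0, 0, 0))

if __name__ == "__main__":
    result = compare_across_sleep(COLD_BOOT, AFTER_RESUME)
    print("regressed after sleep:", result["regressed"])
    for finding in result["lost"]:
        print(" -", finding)
```

A machine that reports a regression here has firmware flash that is writable from software after waking, which is the condition the article describes.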


Vilaca also doesn’t believe that the attack can be used to exploit devices on a large scale. Rather, the researcher believes that attacks can be carried out against high-value targets. What can you do to prevent such attacks? Nothing that a regular, average Joe can carry out. But if you know your way around Macs, or know someone who does, you can install software released by Thunderstrike’s creator. Follow this and this for the software. While it won’t protect you from the attack, it will let you know if such an attack has occurred, which is better than doing nothing.


So that’s it, folks. While we’ve contacted Apple for an official response on the situation, a reply from the Cupertino manufacturer is highly unlikely, given that Apple doesn’t reply until such vulnerabilities have been taken care of. But given the fact that only Macs shipped before mid-2014 are affected, has the Cupertino manufacturer already taken care of matters beforehand? We’ll find out soon enough. Stay tuned and let us know what you think in the comments section.
