Just a few days ago, a password-stealing vulnerability was discovered in macOS just as the latest version began rolling out. Apple is already addressing this, but it seems that a new security issue has also come to light, after a study found that 4.2 percent of Macs were running the wrong firmware, leaving them open to exploits.
Duo Security conducted a study of 73,000 Macs running out in the wild, finding that 4.2 percent, or just over 3000 of them, were running the wrong firmware version. This leaves them open to Thunderstrike, an attack that can be used to rewrite a Mac’s EFI firmware using a malicious Thunderbolt device. The attacker would need physical access to the Mac in order to achieve this, so it isn’t necessarily a concern for regular consumers, but it could be more concerning for enterprise or even government agency users.
Apple regularly rolls out security updates for Macs but for some reason, it seems firmware versions weren’t always updated as they should have been. Here is what the paper says: “At least 16 models received no EFI updates at all. EFI updates for other models were inconsistently successful, with the 21.5-inch iMac released in late 2015 topping the list, with 43 percent of those sampled running the wrong version.”
In a statement given to ArsTechnica, Apple said that High Sierra should fix this issue entirely, as weekly firmware checks have been implemented with the latest update. With that in mind, Mac users wanting to remain secure should update to the latest version as soon as possible.
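Until a fleet is fully on High Sierra’s automatic weekly checks, an administrator can do the same comparison by hand: read the firmware version the machine reports and compare it against a known-good baseline for that model. The script below is an added example written for this article, not Duo Security’s tooling or anything from Apple. It parses the `system_profiler SPHardwareDataType` text (the `Model Identifier` and `Boot ROM Version` / `System Firmware Version` keys are real; the sample report and the baseline version strings are constructed placeholders, not real Apple firmware numbers) and flags any machine whose firmware string does not match the baseline.

```python
import re

# Constructed sample of `system_profiler SPHardwareDataType` output for the example;
# not captured from a real machine, and the firmware string is a placeholder.
SAMPLE_REPORT = """Hardware:

    Hardware Overview:

      Model Name: iMac
      Model Identifier: iMac16,2
      Processor Name: Intel Core i5
      Boot ROM Version: IM162.0105.B08
      SMC Version (system): 2.31f39
"""

# Hypothetical baseline: the firmware string each model should report after the
# current security update. In practice this comes from Apple's release notes or a
# freshly updated reference machine; the values here are placeholders.
EXPECTED_FIRMWARE = {
    "iMac16,2": "IM162.0105.B09",
    "MacBookPro11,4": "MBP114.0177.B00",
}


def parse_hardware_report(text):
    """Return (model_identifier, firmware_version) from system_profiler text.

    Older macOS releases label the firmware 'Boot ROM Version'; newer ones use
    'System Firmware Version'. Both labels are accepted.
    """
    model = re.search(r"^\s*Model Identifier:\s*(\S+)", text, re.M)
    firmware = re.search(r"^\s*(?:Boot ROM|System Firmware) Version:\s*(\S+)",
                         text, re.M)
    if not model or not firmware:
        raise ValueError("report lacks Model Identifier or a firmware version line")
    return model.group(1), firmware.group(1)


def check_firmware(text, baseline=EXPECTED_FIRMWARE):
    """Compare the reported firmware with the baseline for that model.

    Returns (model, running, expected, status) where status is:
      'ok'            - firmware matches the baseline
      'mismatch'      - firmware differs (outdated, or something unexpected)
      'unknown-model' - the baseline has no entry for this model
    """
    model, running = parse_hardware_report(text)
    expected = baseline.get(model)
    if expected is None:
        return model, running, None, "unknown-model"
    status = "ok" if running == expected else "mismatch"
    return model, running, expected, status


if __name__ == "__main__":
    import subprocess
    import sys

    # On a Mac, read the live report; elsewhere fall back to the constructed sample.
    if sys.platform == "darwin":
        report = subprocess.run(["system_profiler", "SPHardwareDataType"],
                                capture_output=True, text=True, check=True).stdout
    else:
        report = SAMPLE_REPORT
    print(check_firmware(report))
```

The check deliberately uses exact string equality rather than trying to order version strings: a machine reporting anything other than the known-good value for its model, whether an older build or an unexpected one, is worth a closer look, since the study’s point is that firmware updates silently failed on some models and nobody noticed.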
KitGuru Says: Apple tends to be very diligent when it comes to user security. We are still unsure why old Mac models were unsuccessful in updating their firmware with new patches, but it seems the High Sierra update should fix that for everyone going forward. Are any of you using macOS at the moment? Have you tried the High Sierra update yet?