At every opportunity, Apple touts the security advantages of controlling both software and hardware: it's why the “It just works” slogan has become synonymous with the company. Still, Apple now has to address an industry-wide issue that leaves a portion of Macs vulnerable to hacker attacks.
The flaw, discovered by security researchers at Duo Labs, is in the EFI (Extensible Firmware Interface) firmware, which sits beneath the operating system. EFI is the BIOS replacement originally developed by Intel that aims to overcome the limitations of the PC BIOS. Because of the firmware's level of privilege, if a hacker gains access to it, the attack cannot be detected. That changes with macOS 10.13 High Sierra, which contains a tool that validates the authenticity of the firmware running on the Mac.
The vulnerability allowed the CIA, for example, to spy on targeted Mac users, as the so-called Vault 7 cache of secret CIA documents released by WikiLeaks shows. The catch is that the flaw isn't new and seems to require physical access to the Mac in order to work.
After analyzing 73,000 Macs currently in use, Duo Labs has discovered a discrepancy between the firmware versions they expected the machines to be running and the actual EFI version installed. That leaves a security hole in the system, because although users might have the latest OS version installed, if the EFI firmware is an older version, it lacks the latest fixes of known firmware issues.
Apple used to release EFI updates separately, but since 2015 EFI updates have been bundled with the software updates Apple pushes out to users. However, if you are running one of the 16 Mac models identified by Duo Labs, there is a chance that your system hasn’t received any EFI update at all: iMac 7,1 to 10,1, MacBook 5,1 and 5,2, MacBook Air 2,1 and more.
You can check what EFI version your system is running by clicking on the Apple menu and selecting About This Mac > System Report > Hardware. In the hardware overview section macOS displays the Model Identifier, the Boot ROM version and the SMC version number your Mac is running.
You can compare that to the firmware update number Apple lists in a support document dedicated to EFI and SMC updates for Intel-based Mac computers. Apple has not updated that page since September 2017.
If the firmware version displayed in the hardware overview is older than the one listed for your Mac, download the firmware and apply the update. Alternatively, update the operating system to at least macOS 10.12.6 Sierra, because this will include all the necessary security updates and the correct firmware.
It's important to identify your Mac model, because that's how to correctly determine which firmware you’re on and how to install the necessary update. macOS won't let you install firmware that's not developed for the model you are trying to update.
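The manual comparison described above can be scripted. The following is an added example, not code from the original article, Apple or Duo Labs: it reads the Model Identifier and Boot ROM version from `system_profiler SPHardwareDataType` output and compares the installed version with an expected one. The sample report and every expected version string are constructed, and the three-field `PREFIX.MAJOR.Bnn` format with hexadecimal fields is an assumption of the example.

```shell
#!/bin/sh
# Added example. On a Mac, pass live data instead of the sample:
#   efi_status "$(system_profiler SPHardwareDataType)" "<version from Apple's list>"

# Constructed sample of `system_profiler SPHardwareDataType` output.
SAMPLE_REPORT='Hardware:
    Hardware Overview:
      Model Name: MacBook Pro
      Model Identifier: MacBookPro11,1
      Boot ROM Version: MBP111.0138.B0F
      SMC Version (system): 2.16f68'

# get_field REPORT KEY -> value of the first "KEY: value" line in REPORT.
get_field() {
    printf '%s\n' "$1" | sed -n "s/^[[:space:]]*$2: *//p" | head -n 1
}

# parse_rom VERSION -> "PREFIX MAJOR BUILD", the two numeric fields as decimals.
# Assumption of this example: versions look like PREFIX.MAJOR.Bnn and the
# MAJOR and nn fields are hexadecimal. Any other shape is rejected.
parse_rom() {
    p_prefix=${1%%.*}; p_rest=${1#*.}
    p_major=${p_rest%%.*}; p_build=${p_rest#*.}
    [ "$p_rest" != "$1" ] && [ "$p_build" != "$p_rest" ] || return 1
    p_build=${p_build#B}
    case "$p_major" in ""|*[!0-9A-Fa-f]*) return 1 ;; esac
    case "$p_build" in ""|*[!0-9A-Fa-f]*) return 1 ;; esac
    echo "$p_prefix $((0x$p_major)) $((0x$p_build))"
}

# efi_status REPORT EXPECTED -> OUTDATED, CURRENT, WRONG_MODEL or UNKNOWN.
efi_status() {
    have=$(parse_rom "$(get_field "$1" 'Boot ROM Version')") || { echo UNKNOWN; return 0; }
    want=$(parse_rom "$2") || { echo UNKNOWN; return 0; }
    set -- $have $want      # $1..$3 = installed, $4..$6 = expected
    # Firmware for another model must never be treated as comparable.
    [ "$1" = "$4" ] || { echo WRONG_MODEL; return 0; }
    if [ "$2" -lt "$5" ] || { [ "$2" -eq "$5" ] && [ "$3" -lt "$6" ]; }; then
        echo OUTDATED
    else
        echo CURRENT
    fi
}

# Demo with constructed values (MBP111.0138.B16 is a placeholder, not Apple's figure).
echo "Model:  $(get_field "$SAMPLE_REPORT" 'Model Identifier')"
echo "Status: $(efi_status "$SAMPLE_REPORT" MBP111.0138.B16)"
```

An `UNKNOWN` result means the version string did not match the assumed format and has to be compared by hand.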
The problem is that macOS won't alert users if an EFI update has failed to install on the hardware. It is therefore important that users check manually; otherwise they won't be able to close the backdoor that hackers can use to eavesdrop or steal sensitive information, and Mac optimization apps can't close it either. While CleanMyMac, MacKeeper, CCleaner, OnyX and the like are highly capable apps for keeping your Mac clean, they cannot alert users about the EFI firmware vulnerability.
Unfortunately, the same goes for anti-malware apps such as Malwarebytes, because EFI operates beneath the operating system software. As a result, we recommend spending a couple of seconds to ensure your Mac is secure by checking whether it is running the latest firmware version and, if not, upgrading as soon as you can.
EFI vulnerabilities aren't limited to Apple. Duo Labs has said that it chose the Apple ecosystem because it offered the most consistent data when compared to Microsoft's Windows PCs running Intel chips. As hackers demonstrated years ago, the EFI flaw has been present in Windows PCs, allowing hackers to exploit it and install ransomware.