At every opportunity, Apple touts the security advantages of controlling both software and hardware: it’s why the “It just works” slogan has become synonymous with the company. Still, Apple now has to address an industry-wide issue that leaves a portion of Macs vulnerable to hacker attacks.
The flaw, discovered by security researchers at Duo Labs, is in the EFI (Extensible Firmware Interface) firmware, which sits beneath the operating system. EFI is the BIOS replacement originally developed by Intel that aims to overcome the limitations of the PC BIOS. Because of the firmware’s level of privilege, if a hacker can gain access to it, their attack cannot be detected. That changes with macOS 10.13 High Sierra, which contains a tool that validates the authenticity of the firmware running on the Mac.
The vulnerability allowed the CIA, for example, to spy on targeted Mac users, as the so-called Vault 7 cache of secret CIA documents released by WikiLeaks shows. The catch is that the flaw isn’t new and seems to require physical access to the Mac in order to work.
What Does That Mean to Mac Users?
After analyzing 73,000 Macs currently in use, Duo Labs discovered a discrepancy between the firmware versions it expected the machines to be running and the actual EFI version installed. That leaves a security hole in the system: although users might have the latest OS version installed, if the EFI firmware is an older version, it lacks the latest fixes for known firmware issues.
Apple used to release EFI updates separately, but since 2015 the EFI update has been bundled with the software updates Apple pushes out to users. However, if you are running one of the 16 Mac models identified by Duo Labs, there is a chance that your system hasn’t received any EFI update at all: iMac 7,1 to 10,1, MacBook 5,1 and 5,2, MacBook Air 2,1 and more.
How You Can Check the EFI Firmware Version
You can check what EFI version your system is running by clicking on the Apple menu and selecting About This Mac > System Report > Hardware. In the hardware overview section macOS displays the Model Identifier, the Boot ROM version and the SMC version number your Mac is running.
You can compare that to the firmware update number Apple lists in a support document dedicated to EFI and SMC updates for Intel-based Mac computers. Apple has not updated that page since September 2017.
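The same check from Terminal, as an added example that is not part of the original article: it reads the fields System Report shows via `system_profiler SPHardwareDataType` and compares the Boot ROM version with the one Apple lists for your model. The sample output and version strings are constructed, the function names are hypothetical, and the comparison assumes a `PREFIX.VERSION.BUILD` Boot ROM format with hexadecimal version and build fields; any other format is reported as not comparable.

```shell
#!/bin/sh
# Added example: compare this Mac's Boot ROM version with the one Apple lists.

# Print one "Key: value" field from system_profiler output read on stdin.
hw_field() { sed -n "s/^[[:space:]]*$1: *//p" | head -n 1; }

# Assumption: the string is PREFIX.VERSION.BUILD with hex VERSION and BUILD.
# Prints "PREFIX version build" (decimal); fails on any other format.
hex_fields() {
    case $1 in *.*.*.*) return 1 ;; ?*.?*.?*) ;; *) return 1 ;; esac
    p=${1%%.*}; rest=${1#*.}; v=${rest%%.*}; b=${rest#*.}
    case "$v$b" in *[!0-9A-Fa-f]*) return 1 ;; esac
    echo "$p $((0x$v)) $((0x$b))"
}

# Returns 0 if installed ($1) is older than listed ($2),
# 1 if it is the same or newer, 2 if the two cannot be compared.
boot_rom_older() {
    a=$(hex_fields "$1") && b=$(hex_fields "$2") || return 2
    set -- $a $b                      # prefix ver build prefix ver build
    [ "$1" = "$4" ] || return 2       # firmware for a different model
    [ "$2" -lt "$5" ] || { [ "$2" -eq "$5" ] && [ "$3" -lt "$6" ]; }
}

# Constructed sample of `system_profiler SPHardwareDataType` output,
# not taken from a real Mac; used only to exercise hw_field offline.
SAMPLE='Hardware:

    Hardware Overview:

      Model Name: iMac
      Model Identifier: iMac7,1
      Boot ROM Version: IM71.007A.B03
      SMC Version (system): 1.20f4'

# On a Mac: sh efi_check.sh <Boot ROM version Apple lists for your model>
report() {
    hw=$(system_profiler SPHardwareDataType)
    rom=$(printf '%s\n' "$hw" | hw_field 'Boot ROM Version')
    echo "Model: $(printf '%s\n' "$hw" | hw_field 'Model Identifier')  Boot ROM: $rom"
    rc=0; boot_rom_older "$rom" "$1" || rc=$?
    case $rc in
        0) echo "Older than listed version $1: firmware update needed" ;;
        1) echo "Same as or newer than listed version $1" ;;
        *) echo "Cannot compare with '$1': check the support document by hand" ;;
    esac
}
if command -v system_profiler >/dev/null 2>&1 && [ -n "${1:-}" ]; then report "$1"; fi
```
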
How to Update the Firmware
If the firmware version displayed in the hardware overview is older than that listed for your Mac, then download the firmware and apply the update. Or update the operating system to at least macOS 10.12.6 Sierra, because this will include all the necessary security updates and the correct firmware.
It’s important to identify your Mac model, because that’s how to correctly determine which firmware you’re on and how to install the necessary update. macOS won’t let you install firmware that’s not developed for the model you are trying to update.
The problem is that macOS won’t alert users if an EFI update has failed to install on the hardware. It’s therefore important that users check manually: otherwise they won’t be able to close the backdoor that hackers can use to eavesdrop or steal sensitive information, and Mac optimization apps can’t close it either. While CleanMyMac, MacKeeper, CCleaner, OnyX and the like are highly capable apps for keeping your Mac clean, they cannot alert users about the EFI firmware vulnerability.
Unfortunately, the same goes for anti-malware apps such as Malwarebytes, because EFI operates beneath the operating system software. As a result, we recommend spending a couple of seconds to ensure your Mac is secure by checking if it is running the latest firmware version and, if not, upgrading as soon as you can.
EFI vulnerabilities aren’t limited to Apple. Duo Labs has said that it chose the Apple ecosystem because it offered the most consistent data when compared to Microsoft’s Windows PCs running Intel chips. As demonstrated by hackers years ago, the EFI flaw has been present in Windows PCs, allowing hackers to exploit it and install ransomware.