Skip to main content

Macs vulnerable to same remote firmware exploits as Windows PCs, researchers find

posted onAugust 4, 2015
by l33tdawg
Credit:

L33tdawg: Corey Kallenberg from Legbacore will be at #HITBGSEC in October to present an updated version of this research

Macs can still be successfully attacked using some of the same firmware vulnerabilities affecting many Windows PCs, a new proof-of-concept worm is said to demonstrate.

Superficially, the new attack — dubbed Thunderstrike 2 — appears similar to the namesake Thunderstrike vulnerability found last year and likely relies on some of the same attack vectors. It was created by security reseachers Trammell Hudson, who first discovered Thunderstrike, and Xeno Kovah, Wired reported on Monday.

Worryingly, the proof-of-concept worm could transfer automatically between two Macs without them being networked. It would escape direction by most scanning software, and even survive reformatting, leaving a "scorched earth" approach — re-flashing firmware chips — as the only method of mitigation.

Source

Tags

Security OS X

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th