Skip to main content

Report reveals vulnerabilities in Mac firmware affecting thousands of computers

refurbished apple product deals Refurbished 13.3 inch MacBook Air
Image used with permission by copyright holder
A team of researchers at Duo Security revealed that there are some issues with Apple’s application of firmware updates, which has resulted in some users being left with out of date EFI firmware.

The researchers analyzed 73,000 Mac devices and found that Apple’s security updating process was not working as the company intended. They found that a little over four percent of those computers were running with outdated Apple firmware, despite having received recent updates. Duo’s report didn’t give the exact cause of the problem, but simply noted that for “some reason” the EFI firmware was not being updated when the computers in question received security or OS updates.

Recommended Videos

Firmware is the software which runs underneath the OS and controls the computer when it is booting up. Security issues within firmware can be difficult to notice, which often makes it a target for more advanced hackers. Duo noted that average home users have little reason for concern, due to the fact that the complexity of firmware attacks usually relegates hackers to target enterprises and other valuable entities.

Please enable Javascript to view this content

“If you’re a home user with a Mac that falls into one of the above categories as their personal computing device, then the sky isn’t falling for you, in our opinion,” Duo said. “Attacks against EFI have so far been part of the toolkit used by sophisticated adversaries who have specific high value targets in their sights.”

Duo did caution that enterprise users should take some extra precautions. In addition to ensuring that all their Macs ran the latest version of Mac OS, the security company advised phasing out, or at least isolating, those computers which were not eligible for the most recent security updates.

For its part, Apple has worked to improve its firmware and patch security vulnerabilities as they arise.

“We appreciate Duo’s work on this industry-wide issue and noting Apple’s leading approach to this challenge,” an Apple spokesperson told Gizmodo. “Apple continues to work diligently in the area of firmware security and we’re always exploring ways to make our systems even more secure. In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly.”

Eric Brackett
Former Digital Trends Contributor
In the age of ChatGPT, Macs are under malware assault
A person using a laptop with a set of code seen on the display.

It's common knowledge -- Macs are less prone to malware than their Windows counterparts. That still holds true today, but the rise of ChatGPT and other AI tools is challenging the status quo, with even the FBI warning of its far-reaching implications for cybersecurity.

That may be why software developer Macpaw launched its own cybersecurity division -- dubbed Moonlock -- specifically to fight Mac malware. We spoke to Oleg Stukalenko, Lead Product Manager at Moonlock, to find out whether Mac malware is on the rise, and if ChatGPT could give hackers a massive advantage over everyday users.
State-sponsored attacks

Read more
Report: Apple’s 2024 MacBooks may face some serious shortages
Apple's John Ternus stands next to an image of the 15-inch MacBook Air at Apple's Worldwide Developers Conference (WWDC) in June 2023.

Looking forward to getting a new MacBook in the next year or so? You might have to wait longer than expected, as Apple chip supplier TSMC is reportedly struggling to get enough skilled workers for its forthcoming Arizona factory. That could mean we see serious shortages of Apple laptops and a struggle to get hold of stock.

The bad news comes from The Wall Street Journal. According to the outlet, TSMC has said that “people with expertise erecting semiconductor facilities were in short supply in the U.S.” As a result, the Arizona factory “would miss its target of starting mass production next year.”

Read more
Major leak reveals every secret Mac Apple is working on
Apple's John Ternus stands next to an image of the 15-inch MacBook Air at Apple's Worldwide Developers Conference (WWDC) in June 2023.

At Apple’s Worldwide Developers Conference (WWDC) in early June, the focus was almost entirely on the company’s Vision Pro headset. But Apple has plenty more up its sleeve, according to a new report, which has spilled the beans on every single Mac we can expect to see in the coming months.

The report comes from journalist Mark Gurman, who accurately predicted a plethora of details about the Vision Pro before it was announced. Now, he says Apple has a few surprise Mac announcements in store for late 2023 or early 2024.

Read more