UEFI attack and the Mac: What you need to know
UEFI - Unified Extensible Firmware Interface — is what the Mac uses to boot from firmware and into the OS X operating system. If you're familiar with BIOS, then this replaced that. At the Chaos Communication Congress (CCC) in 2014, a presentation showed how a vulnerability in the boot script table could be used to rewrite the firmware when a Mac wakes after being in sleep mode. As usual, it's something to be informed about, but for the vast majority of people, nothing to panic about. According to Reverse Engineering Mac OS:
For anyone to exploit the vulnerability, they need already to have root access to your Mac, and the ability to issue commands as root. And if that's the case, the remote access itself would be your most pressing concern. In other words, it needs the back window to be unlocked before it can get in and chain itself to the furnace.
Macs manufactured after mid-2014 appear not to be affected. Given the nature of the exploit and the attention it's getting, I expect Apple will be issuing a patch for affected systems as soon as possible.
If you think you may be targeted, you can mitigate the risk by running as a standard user rather than as an admin. If you have to run as admin, disable sleep and shut down your Mac when you're done with it instead. You can do that in System Preferences > Energy Savings.
Also, remember to practice safe surfing. Most attacks begin with phishing — bogus messages that try to con you into clicking on malware links — or social engineering — attempts to trick you into handing over your password.
For expert users, the following test procedure is also detailed:
Apple continues to work on new ways to improve security. Recent examples include the Mac App Store, Gatekeeper, and Sandboxing. Hopefully, we'll see and hear even more about the company's plans for OS X security at WWDC 2015, which kicks off June 8.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
Nick Arnott contributed to this article.
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.