Wednesday, June 3, 2015

Serious Mac vulnerability could open permanent backdoor to hackers

Mac Sleep BIOS Security Vulnerability
A security researcher has discovered a new Mac vulnerability that can seriously affect some Mac owners, even though most users should be relatively safe because the security flaw apparently isn’t used on a wide scale yet.
According to Ars Technica, Pedro Vilaca discovered a OS X bug that would let a hacker take control of a Mac after it wakes up from sleep, and the security issue affects all Macs that were purchased before the mid-2014.
At this time, malicious hackers aren’t using the described method for mass attacks, but the research points out that certain high-level individuals who own Macs might be targeted with attacks that utilize this flaw.
Vilaca managed to reflash the BIOS of a Mac once it wakes up from sleep. Normally, something like this shouldn’t be possible, but it looks like an Apple oversight allows a hacker to reflash the Mac with malware that would survive hard drive reformatting and reinstallation.