Serious Vulnerability Affecting Older Macs Discovered in OS X

A new OS X vulnerability has been recently discovered by a security researcher Pedro Vilaca. This vulnerability affects Macs that are older than one year and lets the cyberthieves control the computer remotely even after it is restored to factory settings of formatted. The aforementioned exploit opens a massive hole in the security of Apple's OS X, which is currently called the most reliable and protected operating system on market.

Now some words about how this vulnerability works. It affects a computer's BIOS after the machine wakes up from sleep. Normally, built-in security tools should protect the system, but for some reason they don't work when the computer wakes up. Due to the lack of protection, the exploit penetrates into BIOS and changes the extensive firmware interface (EFI).

"The bug can be used with a Safari or other remote vector to install an EFI rootkit without physical access," Vilaca said in his blog post. "The only requirement is that a suspended happened in the current session. I haven’t researched but you could probably force the suspend and trigger this, all remotely. That’s pretty epic ownage ."

The researcher says that Apple has already patched the vulnerability in the latest versions of OS X, however, he has no idea if this has been done on purpose or accidentally.

[via iClarified]