Apple Macs Vulnerable to EFI Zero-Day
This new bug is more serious than Thunderstrike, which was discovered late last year. Both bugs give an attacker the same persistent, low-level control of a Mac, but unlike Thunderstrike, the new bug does not require the attacker to have physical access.
Vilaca said -
"A remote exploit could simply deliver a payload that will either wait or test if a previous sleep existed and machine is vulnerable, or force a sleep and wait for a wakeup to resume its work,"
"After the BIOS protections are unlocked it can simply overwrite the BIOS firmware with something that contains an EFI rootkit and that's it."
"BIOS rootkits are more powerful than normal rootkits because they work at a lower level and can survive any machine reinstall and also BIOS updates." - he added.
To work, an exploit would require a vulnerability that provides the attacker with unfettered "root" access to OS X resources. Such vulnerabilities aren't always easy to find, but they're by no means impossible, as demonstrated by the Rootpipe privilege escalation bug that came to light late last year. Vilaca said a drive-by exploit planted on a hacked or malicious website could be used to trigger the BIOS attack.
As this is a zero-day vulnerability, no patch is available yet. The Apple team has also not commented on this issue, but the team will soon release a patch for this.