Security Firm Finds Vulnerabilities in Mac

Since 2015, Apple Inc. has made it a priority to protect its Mac line of computers from types of hacking that can be immensely difficult to detect. But, according to the research released by Duo Security on Friday, the company has not been very successful is providing its computer with fixes. Duo performed an examination of the firmware that makes up the Mac line of computers. In simple terms, firmware is even more basic than operating systems such as macOS or Microsoft Windows and is essentially an in-built type of software.

When you turn on the computer, but before the operating system boots up, it is the job of the firmware to ensure that all basic components such as processor and hard disk are accounted for and issues proper instructions to them. This can make it extremely difficult to spot any malicious code that might be hiding in the firmware. Most of the time, it is a hassle to upgrade your firmware with all the security patches that are provided from time to time. Updates to the operating system are quite common, but the ones to the firmware have to be carried out separately. In order to ensure its firmware remained up to date, Apple began the practice of launching firmware updates along with its operating system updates from 2015 onwards.

However, approximately 73,000 Mac computers were surveyed by Duo that are being used in the real world and it discovered that nearly 4.2 percent of these computers were not using the firmware they should have depending on their operating system. 43 percent computers of some models such as the 21.5 inch iMac that was released near the end of 2015 that didn’t have the updated firmware. Due to this lack of upgrade, most of these Macs were vulnerable to hacks like the ‘Thunderstrike’ attack in which a Mac can be controlled by hackers after they plug an Ethernet adapter into the so-called thunderbolt port of the machine.

The irony is that the Cupertino-California giant is the only computer maker that has included firmware updates along with its regular operating system updates, which has made the firmware more trackable and made it easy to identify the machines that might be potentially vulnerable. This has also earned Apple the title of being the best in the industry with regard to firmware updates. Duo stated that they had disclosed their findings to Apple before they made them public on Friday. The iPhone maker issued a statement in which it said it had been made aware of the vulnerabilities and were working on addressing them as quickly as possible to minimize the risk.

The company said that they were constantly working on improving the security of their firmware and were exploring ways to add more security to their system. They also added that macOS High Sierra validates the Mac firmware automatically on a weekly basis in order to ensure that users are able to enjoy a more safe and secure experience in this aspect. 

No comments:

'; (function() { var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; dsq.src = '//' + disqus_shortname + ''; (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); })();
Powered by Blogger.