EFI exploits say hello

gctest50

EFI not being updated



https://duo.com/blog/the-apple-of-your-efi-mac-firmware-security-research

If you are running a version of macOS/OS X that is older than the latest major release (10.12 Sierra at the time of writing this blog post), then your EFI firmware may not have received the latest fixes for known EFI issues.

Even though OS X 10.11 (El Capitan) and 10.10 (Yosemite) still receive security updates from Apple, the EFI firmware updates they receive appear to be lagging behind or are absent entirely

Even if you’re running the most recent version of macOS and have installed the latest patches that have been released, our data shows there is a non-trivial chance that the EFI firmware you’re running might not be the most up-to-date version

If you are running one of the 16 Mac models listed below, then our data indicates that your system won’t have received any EFI firmware updates at all:

iMac: iMac7,1; iMac8,1; iMac9,1; iMac10,1
MacBook: MacBook5,1; MacBook5,2
MacbookAir: MacBookAir2,1
MacBookPro: MacBookPro3,1; MacBookPro4,1; MacBookPro5,1; MacBookPro5,2; MacBookPro5,3; MacBookPro5,4
MacPro: MacPro3,1; MacPro4,1; MacPro5,1

The upshot of all of the above is that the state of your Mac’s EFI firmware may not be what you expect it to be, and in a number of circumstances, this may leave you vulnerable to a variety of known public EFI security issues.