Report: Countless PCs vulnerable to newly discovered firmware attack [Update]

Report: Countless PCs vulnerable to newly discovered firmware attack [Update]

After analyzing more than 70,000 Macs, the team at Duo Security uncovered a firmware vulnerability that could affect countless PCs. And although the research was done on Macs, Windows PCs are even more likely to be at risk.

Rich Smith and Pepijn Bruienne outlined the flaw in a recently-published blog.

The issue concerns Apple’s EFI, or Extensible Firmware Interface, which is the interface responsible for booting and running macOS. Because all subsequent software operations depend first on boot operations from the EFI, the vulnerability could prove disastrous to affected machines.

Smith and Bruienne discovered the issue when looking at how many Macs were running outdated firmware. Current Macs are supposed to update firmware automatically to the latest version whenever a user downloads an operating system update. Duo Security, however, found this wasn’t the case. Many were running updated software, but older firmware, a problem described as “software secure, firmware insecure,” by the team.

All told, Duo Security found the discrepancies in as many as 16 newer Mac models. Certain iMacs from late 2015 were the most affected, with nearly 45 percent running outdated firmware versions.

For Windows users, the problem is even worse. Since Apple controls its supply chain, the only computers running macOS are Macs. Microsoft, on the other hand, only manufacturers a handful of devices running Windows. Simply put, the company lacks the control of its supply chain to know just how deep of a problem this may be. With numerous configuration options, the firmware vulnerability could potentially affect millions.

Update (5:01 PDT): A source familiar with the matter confirmed to TNW that Apple is aware of the issue and actively working on a fix. Our sources also confirm Duo’s assessment that this could be a far bigger problem on Windows PCs. Apple’s control over its supply chain should prove beneficial in assessing the damage, and working to quickly find a solution.

An Apple spokesperson told TNW:

We appreciate Duo’s work on this industry-wide issue and noting Apple’s leading approach to this challenge. Apple continues to work diligently in the area of firmware security and we’re always exploring ways to make our systems even more secure. In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly.

The Apple of Your EFI: Mac Firmware Security Research on Duo Labs

Read next: Senate set to approve self-driving cars for US roadways