Macs have typically been heralded as the more secure of the two main operating systems. But according to researchers, at the firmware level, that’s not necessarily true. Ahead of their ‘Thunderstrike 2: Sith Strike‘ Black Hatpresentation, Xeno Kovah, Trammell Hudson and Corey Kallenberg demonstrated to Wired that Macs have some of the same vulnerabilities as their Windows counterparts. The exploit is especially troubling because now a phishing email or click on a link on a malicious site could compromise the computer. This is in addition to the exploit shown last year that was spread by the ROM of infected external drives and accessories like a Thunderbolt to ethernet adapter. These exploits are nearly impossible to detect because security software doesn’t scan the firmware and reinstalling the system doesn’t remove the problem.
The exploit highlights that firmware (the software that boots a computer) isn’t typically encrypted out of the factory and doesn’t authenticate updates from the manufacturer. The researchers say they have alerted Apple about the issue and according to the Wired article, the company has patched one exploit and partially patched another.
This is the second Thunderstrike exploit to target Macs. The first version was fixed with OS X 10.10.2 and required the hacker to have physical access to the computer. This new version is more nefarious because the malware can be delivered via a link. The latest OS X security update (10.10.4) seems to keep the exploit from taking hold.
Still, vulnerabilities like this are a reminder that companies should be encrypting all the elements of a machine to reduce the chance of their customers getting hacked in the first place.