Audio By Carbonatix
Since 2015, Apple has tried to protect its Mac line of computers from a form of hacking that is extremely hard to detect, but it has not been entirely successful in getting the fixes to its customers, according to research released on Friday by Duo Security.
Duo examined what is known as firmware in the Mac computers. Firmware is an in-built kind of software that is even more basic than an operating system like Microsoft Windows or macOS.
When a computer is first powered on -- before the operating system has even booted up -- firmware checks to make sure that basic components like a hard disk and processor are present and tells them what to do. That makes malicious code hiding in it hard to spot.
In most cases, firmware is a hassle to update with the latest security patches. Updates have to be carried out separately from the operating system updates that are more commonplace.
In 2015, Apple started bundling firmware updates along with operating system updates for Mac machines in an effort to ensure firmware on them stayed up to date.
But Duo surveyed 73,000 Mac computers operating in the real world and found that 4.2 percent of them were not running the firmware they should have been based on their operating system. In some models - such as the 21.5-inch iMac released in late 2015 - 43 percent of machines had out-of-date firmware.
That left many Macs open to hacks like the “Thunderstrike” attack, where hackers can control a Mac after plugging an Ethernet adapter into the machine’s so-called thunderbolt port.
Paradoxically, it was only possible to find the potentially vulnerable machines because Apple is the only computer maker that has sought to make firmware updates part of its regular software updates, making it both more trackable and the best in the industry for firmware updates, Rich Smith, director of research and development at Duo, told Reuters in an interview.
Duo said that it had informed Apple of its findings before making them public on Friday. In a statement, Apple said it was aware of the issue and is moving to address it.
”Apple continues to work diligently in the area of firmware security, and we’re always exploring ways to make our systems even more secure,“ the company said in a statement. ”In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly.”
Latest Stories
-
“Tourism and hospitality are at the heart of our people” – Seychelles Tourism Minister Amanda Bernstein
11 minutes -
Ghana Sports Fund administrator urges patience and support for Black Stars after Croatia defeat
1 hour -
Wesley Girls’ High School launches 190th anniversary celebrations with legacy projects
1 hour -
NPP questions government’s refurbished locomotives, demands transparency over railway acquisition
2 hours -
GJA calls for dedicated defamation law to protect journalists and clarify media litigation
5 hours -
Powerful individuals using defamation suits to silence journalists – GJA General Secretary
5 hours -
Lack of defamation law leaves journalists vulnerable to intimidation lawsuits – Zakaria Tanko
5 hours -
10 years. One stage. Countless lives transformed
5 hours -
Rising defamation suits are crippling investigative journalism in Ghana — GJA
5 hours -
Adwoa Safo petitions Attorney-General to move shooting case to High Court over jurisdiction concerns
6 hours -
Uganda’s Daily Monitor, NTV forced off air after army chief orders closure
7 hours -
Otumfuo urges pharmacists to uphold standards as Pharmaceutical Society marks 90 years
7 hours -
Ghana’s leading businesses honoured at 3rd Ghana Outstanding Business Achievement Awards
8 hours -
All set for Joe Mettle’s Praise Reloaded 2026 at Accra Sports Stadium
8 hours -
Litina Travel’s Made-in-Ghana World Cup Expo draws hundreds in Boston
10 hours