OS X 10.10.2 update to resolve ongoing Thunderbolt vulnerability

Posted by:
Date: Tuesday, January 27th, 2015, 11:06
Category: Hardware, News, security, Software


If you were looking forward to the next heft Yosemite update, there’s something else to look forward to that will finally secure a vulnerability on the Thunderbolt port.

Per AppleInsider and iMore, a Mac hardware vulnerability that has yet to be exploited on a wide scale will reportedly be fixed with Apple’s forthcoming OS X 10.10.2 update for Yosemite, preventing any future attacks.

The so-called “Thunderstrike” hardware exploit was publicized late last year, but the hack takes advantage of a flaw in the Thunderbolt Option ROM first disclosed in 2012. Until now, that flaw hasn’t been patched, but according to iMore, the latest beta of Apple’s OS X 10.10.2 update fixes the problem.

Citing sources familiar with the software, it was said that OS X 10.10.2 prevents the Mac’s EFI boot ROM from being replaced, and also makes it impossible to roll it back to a previous state.

The “bootkit” hack, discovered by researcher Trammell Hudson, could replicate itself to any attached Thunderbolt device. That means the exploit could spread across air-gapped networks, unbeknownst to users.

The code becomes stored in a separate ROM on the logic board, which would allow the attack to remain even if the user were to install OS X or put in an entirely new hard drive.

While such low-level attacks are dangerous because they are difficult to detect and can do significant damage, they are also more challenging to spread because they require physical access to a machine.

Thus far, Apple has issued five betas of OS X 10.10.2 to developers, with the most recent release arriving last week. Developers have been asked to focus on problem areas including Wi-Fi, Mail, VoiceOver and Bluetooth.

Stay tuned for additional details as they become available.

Recent Posts

Comments are closed.