Monday, June 1, 2015

The Expert Found A Vulnerability In Older Mac, Allows You To Set The "Eternal" Trojans

In computers, Apple found a vulnerability that allows hackers to reflash Mac, placing malware directly to the "BIOS". This malicious code is difficult to detect and remove.

The malicious code is placed in the boot area, it is very difficult to clean, and standard remedies - such as virus scanners - will not be able to detect it, Cnews reports with reference to information security specialists Pedro Vilaka. And since Apple released a firmware update is extremely rare, malicious code can be in it for a long time. It is reported that the vulnerability affects all computers, issued before mid-2014.

Mac has built-in software (firmware), which controls the boot process, and then passes control to the operating system. This is commonly called BIOS firmware by analogy with the name of her older implementations, while the more modern version of the firmware is called PC UEFI.

The problem with the found vulnerability lies in the fact that after the computer resumes from standby mode (S3) protection UEFI flashing in Apple computers is lost. Thus, an attacker can easily implement UEFI malicious code using standard tools for flashing. To remove the protection, it requires only put the computer into standby mode and immediately withdraw from it.

According Vilaka, he tested his theory on a few models of MacBook Pro display Retina, MacBook Pro and MacBook Air, released before mid-2014. All models have the latest firmware version, and all the computers proved vulnerable to the described method. The expert notified of Apple problem, but only after the published information on the find.

Apple has not responded to Vilaka Message.