Serious bug that is hacked into hackers when Mac goes back to sleep mode

ByDeveion acker

On iPhoneCrash or restart occurs when receiving specific text BugAlthough it was reported, newly purchased Mac from 2015 a year or more agoUEFIWe found a serious bug that you can direct access to.

The Empire Strikes Back Apple - how your Mac firmware security is completely broken | Reverse Engineering Mac OS X
https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/


Mac attack! Nasty bug lets hackers into Apple computers - Jun. 3, 2015
http://money.cnn.com/2015/06/03/technology/mac-bug/


On a computer such as a PC with Windows, "BIOSThere is an important program that is the core of a computer that controls hardware such as disk drives and keyboards called so. Because there is fear that the keyboard etc will not move if there is abnormality in the BIOS, usually it is not much to add a hand to the BIOS and it needs to be protected with sturdy security. According to Pedro Vilaça, who is a computer security company in Portugal, UEFI is adopted instead of BIOS on Mac, but a bug where hackers can tamper with Mac's UEFI is found.

The content of the bug is that UEFI root access becomes possible when returning Mac from sleep mode, and there is a possibility that code can be rewritten. As a result of testing by Mr. Vilaça, this bug has been confirmed as "Late 2013Model Mac Pro and "Mid 2012"It is a MacBook Pro of the model, there is a possibility that bugs exist in all models before this. Since the bug was not confirmed with the latest MacBook Pro Retina, MacBook Pro, MacBook Air, it is unlikely that a bug will exist if it is a machine after "mid / late 2014".


As CNNMoney asked various experts for opinions about this bug, it is true that it is a serious bug, but in order to make an attack using bugs you need administrative access rights, it is easy to attack It is said that it will not be done. However, it is dangerous if it is a machine infected with a virus, it is a bug that has not been discovered for a long time despite a bug that existed for several years already, so it is already a top company · banker · politician · Journalists and others may possibly be spying on "high value" targets for a long time.

Please note that Apple has not announced any comments on this bug and information on when it will be fixed as being fixed is unknown at the time of writing the article.