Mac sticks with serious security holes
A newly discovered security vulnerability could help hackers insert malicious code over the user's BIOS, causing the Mac to face the risk of permanent re-opening.
Detecting security holes on 1,500 iOS applications
According to Ars Technica, security expert Pedro Vilaca found a Mac OS X vulnerability that allowed hackers to take over the Mac after exiting sleep. This vulnerability will affect all Macs released before mid-2014.
At the moment, hackers cannot take advantage of this vulnerability to conduct a wide-ranging attack, but Vilaca's research shows that criminals can take advantage of this flaw to launch attacks on some individuals. determined.
In his study, Vilaca was able to flash the Mac's BIOS after the device exited sleep mode. Usually, this is impossible, but a flaw Apple missed will allow hackers to flash the BIOS. Malicious codes written on the BIOS will exist even if the user has formatted the hard drive or reinstalled the operating system.
Victims of similar attacks will not be able to recognize any signs when malicious code is being installed on the Mac's BIOS.
A very serious vulnerability will allow hackers to write malicious code over the user's BIOS, causing their Macs to face the risk of permanent backlog.
More dangerous, hackers do not need to be in direct contact with the Mac to achieve this type of attack. Instead, they can trick victims into visiting a website and then install hidden malicious code:
" The only condition is that you ask the machine to go back to sleep mode. I have not studied this yet but you will be able to order the victim's machine to automatically switch back to sleep mode and activate this attack. remote ", Vilaca confirmed with Ars Technica.
Once attacked, users will be faced with the risk of permanently re-opening the door on their Mac. The only way to find a victim is to use software that reads the BIOS chip data and compares it with the original firmware to find out if their BIOS has been changed.
You should read it
- This is the operating system containing the most holes in a decade
- Millions of Android devices stick with security holes in firmware, hackers can exploit to lock users' machines
- A good tip for a non-stick pan is to be durable and not be close
- Detect 2 serious security holes in the Zoom application
- The boundary between MacBook and iPad is about to fade away?
- 4 Extremely useful MacBook security tips, did you know?
- Microsoft has a group of 'elite' hackers that specialize in attacking Windows to keep the operating system safe
- Understand the connection and key presses on the Macbook
- Internet Explorer has vulnerabilities, unused users are still hacked
- Choose to buy the new Macbook Air
- Google's new Jarlsberg server system: full of holes like 'cheese'
- Hacker revealed the second Zero-Day, broke Windows' EoP vulnerability patch
Maybe you are interested
AMD Ryzen Users Should Install This BIOS Update for a Free Performance Boost
7 ways to fix the error of not being able to enter the BIOS menu
How to convert from Legacy to UEFI in BIOS
How to enter BIOS (UEFI) on Windows 10, how to fix the error of not being able to enter BIOS Win 10
3 simple ways to reset BIOS settings
BIOS concept? How to use BIOS properly and effectively