You may be surprised to learn that 43% of the iMac models analyzed (21.5-inch, late 2015) were running old, insecure firmware, and that at least 16 Mac models never received an EFI firmware update in the Mac OS X 10.10 and 10.12.6 releases.
'Even if you are running the latest version of macOS and have installed the latest patches released, our data shows that it is still possible that the EFI firmware you are running is not the latest version', Duo said.
Duo found that 47 models running macOS versions 10.12, 10.11 and 10.10 did not receive EFI firmware updates with patches for the Thunderstrike 1 vulnerability, and 31 models did not receive the patch for the Thunderstrike 2 bug. The initial Thunderstrike attacks were used by the NSA and were also included in the WikiLeaks Vault 7 data leak, which also mentioned attacks based on old firmware.
Details about the Macs can be found in the Duo Labs report here: https://duo.com/assets/ebooks/Duo-Labs-The-Apple-of-Your-EFI.pdf
According to Duo Labs, their research focuses on the Mac ecosystem because, to a certain extent, Apple has a unique position in controlling the entire ecosystem, but can also be attacked. 'We think that the main problem we have found affects all companies that use EFI firmware, not just Apple.'
Mac users can also check whether they are running the latest version of EFI with the open source EFIgy tool: https://github.com/duo-labs/EFIgy