OS X 10.10.2 will fix years-old Thunderbolt hardware vulnerability

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

A Mac hardware vulnerability that has yet to be exploited on a wide scale will reportedly be fixed with Apple's forthcoming OS X 10.10.2 update for Yosemite, preventing any future attacks.

The so-called "Thunderstrike" hardware exploit was publicized late last year, but the hack takes advantage of a flaw in the Thunderbolt Option ROM first disclosed in 2012. Until now, that flaw hasn't been patched, but according to iMore, the latest beta of Apple's OS X 10.10.2 update fixes the problem.

Citing people familiar with the software, it was said that OS X 10.10.2 prevents the Mac's EFI boot ROM from being replaced, and also makes it impossible to roll it back to a previous state.

The "bootkit" hack, discovered by researcher Trammell Hudson, could replicate itself to any attached Thunderbolt device. That means the exploit could spread across air-gapped networks, unbeknownst to users.

The code becomes stored in a separate ROM on the logic board, which would allow the attack to remain even if the user were to install OS X or put in an entirely new hard drive.

While such low-level attacks are dangerous because they are difficult to detect and can do significant damage, they are also more challenging to spread because they require physical access to a machine.

Thus far, Apple has issued five betas of OS X 10.10.2 to developers, with the most recent release arriving last week. Developers have been asked to focus on problem areas including Wi-Fi, Mail, VoiceOver and Bluetooth.