The exploit highlights that firmware (the software that boots a computer) isn't typically encrypted out of the factory and doesn't authenticate updates from the manufacturer. The researchers say they have alerted Apple about the issue and according to the Wired article, the company has patched one exploit and partially patched another.
This is the second Thunderstrike exploit to target Macs. The first version was fixed with OS X 10.10.2 and required the hacker to have physical access to the computer. This new version is more nefarious because the malware can be delivered via a link. The latest OS X security update (10.10.4) seems to keep the exploit from taking hold.
via www.engadget.com
non piacerà al mio amico MM...
In effect I don't like it!!
But it seems that this infection has been made for PC and the researchers have found that of 6 vulnerabilities they tested on PCs from various manufacturers, all but one also affected Macs. Like you can read here under.
..................
While Apple generally puts a lot of effort into making sure that Macs remain virus-free and secure, a duo of researchers, Xeno Kovah and Trammell Hudson, have discovered that many PC firmware vulnerabilities also affect Macs, leaving Apple’s hardware open to attacks on the firmware that can survive OS X reinstallation and system wipes.
In fact, the researchers found that of the six vulnerabilities they tested on PCs from various manufacturers, all but one also affected Macs.
Via: http://9to5mac.com/2015/08/03/mac-firmware-worm/
Scritto da: Marco Muccetti | 04/08/2015 a 16:34