Major Mac hardware security flaw discovered

Security researchers claim to have uncovered a new hardware risk affecting the firmware of Apple Mac computers.

In potentially worrying news for dedicated Apple customers, experts from Duo Security have warned that Mac users who have updated to the latest version of MacOS or downloaded the most recent security update, may not be as secure as they thought.

The company analysed over 73,000 Mac computer systems from users around the world, discovering an issue with the Extensible Firmware Interface (EFI) found in all Mac hardware, which according to Duo Security was not actually receiving the security updates users thought. 

This meant that users were left susceptible to a number of major security threats which could have given criminals access to victim's files or accounts.

Due to the sophistication required in executing the attack, users that work with particularly sensitive information or have security clearance are most often targeted with this kind of advanced ‘pre-boot’ attack code.

Apple has always prided itself in the strength of its security protection, with its mobile and PC hardware typically resistant to many major cyber threats.

“Firmware is an often overlooked yet vital component of a system’s security structure,” said Rich Smith, Duo director of research and development. 

“The sophisticated and targeted nature of firmware attacks should be of particular concern to those who have higher security clearance or access to sensitive information at their respective organisations. The worst possible state for users is to be under the assumption that they are secure after updating their system, when in fact, their actual security posture is very different than what they believe it to be.”

Duo Security is now urging users to be vigilant, and ensure their device is kept updated with the latest security protection. Users should also check whether their model is among those affected - with the most extreme solution potentially requiring a completely new model.