Failed updates leave Mac computers at risk from targeted attacks on firmware

The Extensible Firmware Interface (EFI) has steadily replaced BIOS in recent years as means of booting and controlling hardware devices. Mac systems have used EFI since 2006 but an analysis by Duo Labs, the research arm of Duo Security, of more than 73,000 Mac systems finds that in many cases the EFI is not receiving security updates, leaving users vulnerable to attacks. In 2015 Apple began to bundle software and firmware updates in order to ensure systems had the most current firmware security. Duo Labs' analysis looked at the updates released in the last three years and compared the actual… [Continue Reading]