Source: citifmonline.com --- Saturday, September 30, 2017
Apple Mac computers are being exposed to security risks because core software is outdated, research suggests. Duo Security found that 4.2% of the 74,000 Macs it tested ran insecure versions of software that helps get the machines running. It said the figure was likely to be replicated in the global population of Macs and worse on PCs. Apple welcomed the research and said it was improving how it updated machines. In its research, Duo Security looked at the versions of a type of software known as the extensible firmware interface (EFI) on a large population of Apple Mac computers currently in use. “It’s the first bit of code that runs when you press the power button,” said Rich Smith, Duo’s director of security. Complete control Many Macs Duo tested had never had their EFI updated, he said, and some were using old versions of the code even though they were up to date with operating system and application security patches. “It’s a silent failure because the user or administrator is never notified,” he said, adding that it was not clear what had stopped some machines updating their EFI correctly. Attacks via the EFI were rare, said Mr Smith, because attackers typically had faster or more lucrative ways to steal cash from victims. However, the most “sophisticated” attackers were likely to use them because they gave them deep access to a target system. “You can do anything from there and circumvent any of the controls that are higher ...
from Apple http://ift.tt/2fA9ss8
No comments:
Post a Comment