Apple is not providing EFI firmware updates even for the latest Mac Computers

Experts made this revelation after securing and analyzing telemetry data from over 73,000 real-world Mac Computers. Researchers concentrated on Macs because of Apple’s nearly full control over their systems’ device, unlike the world of Windows and Linux where users are solely responsible for keeping their firmware up to date.

Results of Duo’s analysis showed that Apple has been taking a poor job at delivering EFI firmware updates later it started packaging OS and EFI firmware updates together back in 2015.

Despite the end and gloom results, Duo says that the probability that a user would be targeted by firmware-targeting malware is pretty low.

This is because firmware rootkits are particularly difficult to code, needing advanced coding knowledge, and would also need solid access to the target’s device.

Such malware is rare and in most cases, only nation-state cyberspies can support to develop and use it. For example, the recent WikiLeaks Vault 7 leaks reported that the CIA has a Mac firmware hacking tool called Sonic Screwdriver.

Finding EFI firmware-busting Mac malware in run-of-the-mill malware is most likely out of the question.

Nonetheless, users expect EFI firmware updates, not only for confidence patches but also for regular bugfixes. If not for the sake of preservation, Apple should put some effort into delivering firmware updates for other reasons.

Duo researchers also encouraged to release a Mac app that tells users if their system is driving the latest recommended EFI firmware based on their system’s hardware specs. The app will be published on a GitHub repository. Interested users should maintain an eye on it.

Take your time to comment on this article.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil