If you were looking forward to the next hefty Yosemite update, there’s something else to look forward to: it will finally close a vulnerability in the Thunderbolt port.
Per AppleInsider and iMore, a Mac hardware vulnerability that has yet to be exploited on a wide scale will reportedly be fixed with Apple’s forthcoming OS X 10.10.2 update for Yosemite, preventing any future attacks.
The so-called “Thunderstrike” hardware exploit was publicized late last year, but the hack takes advantage of a flaw in the Thunderbolt Option ROM first disclosed in 2012. Until now, that flaw hasn’t been patched, but according to iMore, the latest beta of Apple’s OS X 10.10.2 update fixes the problem.
Citing sources familiar with the software, the reports say that OS X 10.10.2 prevents the Mac’s EFI boot ROM from being replaced, and also makes it impossible to roll it back to a previous state.
The “bootkit” hack, discovered by researcher Trammell Hudson, could replicate itself to any attached Thunderbolt device. That means the exploit could spread across air-gapped networks, unbeknownst to users.
The code is stored in a separate ROM on the logic board, which allows the attack to persist even if the user reinstalls OS X or puts in an entirely new hard drive.
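Because the firmware lives outside the operating system and the disk, an administrator cannot rely on OS reinstalls to clear it; what they can do is record a known-good Boot ROM version and flag any later change, including a rollback to an older build. The script below is an added example, not code from the article or from Apple: it parses text in the shape of `system_profiler SPHardwareDataType` output, and the baseline value and the two sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): compare a Mac's reported Boot ROM
# version against a recorded baseline so that an unexpected change, including
# a rollback to an older firmware, is flagged for investigation.

# Hypothetical baseline recorded from a known-good machine (constructed value).
BASELINE_BOOT_ROM="MBP91.00D3.B08"

# Extract the "Boot ROM Version" field from system_profiler-style text on stdin.
extract_boot_rom() {
    sed -n 's/^[[:space:]]*Boot ROM Version:[[:space:]]*//p' | head -n 1
}

# Return 0 when the reported version matches the baseline, 1 otherwise.
# Any mismatch (newer or older) is reported, since a rollback would also differ.
check_boot_rom() {
    reported="$1"
    if [ -z "$reported" ]; then
        echo "no Boot ROM Version field found" >&2
        return 1
    fi
    if [ "$reported" = "$BASELINE_BOOT_ROM" ]; then
        echo "boot ROM version $reported matches baseline"
        return 0
    fi
    echo "boot ROM version $reported differs from baseline $BASELINE_BOOT_ROM; investigate" >&2
    return 1
}

# Constructed sample output in the shape of `system_profiler SPHardwareDataType`.
SAMPLE_OK='Hardware:

    Hardware Overview:

      Model Name: MacBook Pro
      Boot ROM Version: MBP91.00D3.B08
      SMC Version (system): 2.1f173'

# Same shape, but the Boot ROM field reports an older build (constructed).
SAMPLE_CHANGED='Hardware:

    Hardware Overview:

      Model Name: MacBook Pro
      Boot ROM Version: MBP91.00D3.B05
      SMC Version (system): 2.1f173'

# Run the check over one sample text; exit status follows check_boot_rom.
run_on_sample() {
    check_boot_rom "$(printf '%s\n' "$1" | extract_boot_rom)"
}

# On a real Mac one would feed live output instead of the samples:
#   check_boot_rom "$(system_profiler SPHardwareDataType | extract_boot_rom)"
```

The check deliberately treats any deviation from the baseline as a finding rather than trying to order version strings, so a firmware downgrade is caught with the same logic as an unexpected upgrade; the baseline should be refreshed only after an intentional, verified firmware update.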
While such low-level attacks are dangerous because they are difficult to detect and can do significant damage, they are also more challenging to spread because they require physical access to a machine.
Thus far, Apple has issued five betas of OS X 10.10.2 to developers, with the most recent release arriving last week. Developers have been asked to focus on problem areas including Wi-Fi, Mail, VoiceOver and Bluetooth.
Stay tuned for additional details as they become available.