Apple has eliminated the vulnerability OS X Yosemite, allowing hack Mac via Thunderbolt




Apple fixed in the sixth beta version of OS X Yosemite 10.10.2 vulnerability that allows to carry out attacks on computers via Thunderbolt. It is reported portal TidBITS.


The appearance of the first bootkit for Mac became known in late 2014. It was written by a specialist in information security Trammel Hudson, who called it Thunderstrike . Bootkit – a malicious program that modifies the boot sector of the drive in your computer, allowing you to bypass any protection against unauthorized access at a low level.

Hudson discovered that when you restart the Mac into recovery mode system polls the drive connected to the connector Thunderbolt. And if this device is any boot firmware, the system first checks its authenticity and if the test is successful, executes.

The expert found a vulnerability in the authentication method and learned to cheat the system, causing it to run arbitrary code. He then wrote directly the bootkit, which changes the standard firmware Mac, is responsible for starting the operating system when you turn on or restart the computer.

For Thunderstrike are not a hindrance or password protection or encryption of data on disk, since breaking occurs before they take effect. In addition, as the malicious code is written to the disk boot sector, it can not be detected.

To protect your Mac from attacks such as Thunderstrike, Apple has had to change a part of the operating system code, protecting the boot sector from being overwritten. As told by the authors of the publication, this change required the intervention in the operating system at a low level. Previously, Apple has eliminated this “hole” in the security iMac display Retina 5K and Mac mini release in 2014.

Recall that in OS X Yosemite 10.10.2 Apple also eliminated a number of other threats to the security of Mac users vulnerabilities. For information about these Google unveiled as part of Google Project Zero.


Tags: , , , , , , , , , , ,

In: Technology & Gadgets Asked By: [15464 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »