An Interest In:
Web News this Week
- March 23, 2024
- March 22, 2024
- March 21, 2024
- March 20, 2024
- March 19, 2024
- March 18, 2024
- March 17, 2024
June 1, 2015 10:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gR7z5ek-AjI/macs-vulnerable-to-userland-injected-efi-rootkits
Macs Vulnerable To Userland Injected EFI Rootkits
Bismillah writes that a new vulnerability in recent Macs — and potentially older ones — can be used to plant code such as rootkits into areas of EFI memory that shouldn't be writeable, but become unlocked after the computer wakes up from sleep mode. The article explains that [The vulnerability] appears to be due to a bug in Apple's sleep-mode energy conservation implementation that can leave areas of memory in the extensible firmware interface (EFI) (which provides low-level hardware control and access) writeable from user accounts on the computer.Memory areas are normally locked as read-only to protect them.However, putting some late-model Macs to sleep for around 20 seconds and then waking them up unlocks the EFI memory for writing.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gR7z5ek-AjI/macs-vulnerable-to-userland-injected-efi-rootkits
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot