Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
June 1, 2015 10:00 am

Macs Vulnerable To Userland Injected EFI Rootkits

Bismillah writes that a new vulnerability in recent Macs — and potentially older ones — can be used to plant code such as rootkits into areas of EFI memory that shouldn't be writeable, but become unlocked after the computer wakes up from sleep mode. The article explains that [The vulnerability] appears to be due to a bug in Apple's sleep-mode energy conservation implementation that can leave areas of memory in the extensible firmware interface (EFI) (which provides low-level hardware control and access) writeable from user accounts on the computer.Memory areas are normally locked as read-only to protect them.However, putting some late-model Macs to sleep for around 20 seconds and then waking them up unlocks the EFI memory for writing.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gR7z5ek-AjI/macs-vulnerable-to-userland-injected-efi-rootkits

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot