The common wisdom when it comes to PCs and Apple computers is that the latter are much more secure. Particularly when it comes to firmware, people have assumed that Apple systems are locked down in ways that PCs aren’t. It turns out this isn’t true. Two researchers have found that several known vulnerabilities affecting the firmware of all the top PC makers can also hit the firmware of MACs. What’s more, the researchers have designed a proof-of-concept worm for the first time that would allow a firmware attack to spread automatically from MacBook to MacBook, without the need for them to be networked.
It’s really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware.The attack raises the stakes considerably for system defenders since it would allow someone to remotely target machines including air-gapped ones in a way that wouldn’t be detected by security scanners and would give an attacker a persistent foothold on a system even through firmware and operating system updates.
Firmware updates require the assistance of a machine’s existing firmware to install, so any malware in the firmware could block new updates from being installed or simply write itself to a new update as it’s installed. The only way to eliminate malware embedded in a computer’s main firmware would be to re-flash the chip that contains the firmware.