Even though no public instances of Thunderstrike exploit attacks have been reported, Apple is already working on a fix for the exploit that will be rolling out in the Apple Mac OS X 10.10.2 update in the coming months and has been in pre-release testing for the past two months.
For those of you that have not heard of the Mac Thunderstrike exploit, it takes the form of a serious vulnerability discovered earlier this year by security researcher Trammell Hudson.
Once installed the Thunderstrike exploit is capable of replacing a Mac system bootrom with malicious code without the knowledge of the user and would remain in place even if the bootrom was replaced on the infected system. Apple explains
“To secure against Thunderstrike, Apple had to change the code to not only prevent the Mac’s boot ROM from being replaced, but also to prevent it from being rolled back to a state where the attack would be possible again.
According to people with access to the latest beta of OS X 10.10.2 who are familiar with Thunderstrike and how it works, that’s exactly the deep, layered process that’s been completed.”
For more information on the new Mac Thunderstrike exploit jump over to the Trammell Hudson website for details via the link below.Filed Under: Apple, Technology News