Researcher Discovers Thunderbolt Flaw Endangering Macs

Researcher Discovers Thunderbolt Flaw Endangering Macs

A vulnerability in the firmware of Mac computers, specifically related to Thunderbolt interfaces, has been identified by security expert Trammel Hudson.

This issue, which has been unresolved for over two years, exposes Macs to potential threats when connected to malicious Thunderbolt devices.

Researcher Discovers Thunderbolt Flaw Endangering Macs

According to Hudson, who is slated to discuss this topic at the upcoming Chaos Communication Conference in Germany, “The flaw allows the bypassing of cryptographic signature verifications in Apple’s EFI firmware update processes using a Thunderbolt Option ROM.

This breach permits an individual with physical access to the device to inject untrusted code into the SPI flash ROM on the motherboard, thereby paving the way for a new category of firmware bootkits targeting MacBook systems.”

Hudson further suggests that the vulnerability could be rectified with a minor firmware update.

Share This Article
Steven

Daniel is a dedicated writer for TUAW, bringing years of experience and a deep love for all things Apple. With a keen eye for detail, Daniel covers everything from the latest iPhone and iPad releases to the newest features in macOS and watchOS. His insightful articles and reviews help readers stay informed and make the most of their Apple products. When he’s not writing, Daniel enjoys exploring new apps and tinkering with his MacBook Pro.