A newly discovered flaw has been found by a security researcher. It allows an attacker to install malware that can persist even after all data on the hard drive has been erased. The flaw modifies Apple’s UEFI (unified extensible firmware interface).
Unlike the Rootpipe or Thunderstrike flaws, exploiting this vulnerability doesn’t require physical access to the computer. The flaw takes advantage of a short period of time when your Mac is waking from sleep. During this time, the UEFI is unlocked, allowing malicious data to be written.
The discoverer of the vulnerability, security researcher Pedro Vilaca, says attackers could inject malware to a Mac connected to the internet. He tested the exploit on a number of pre-2014 Macs, all of which were running Apple’s latest EFI firmware. He was able to infect them all.
It’s thought machines released after mid-2014 are not vulnerable to the flaw.