No matter how up to date your system is, it may still be vulnerable to exploits, because your computer has outdated code deep inside that attackers can reach.
The culprit is the firmware, the low-level code that sits close to the metal of the machine and controls all of its hardware. Because the firmware runs directly beneath the operating system, an attacker who compromises it gains a great deal of power over that computer.
The firmware sits so deep that it is not replaced when the machine receives a new operating system, or even a new hard disk. After a firmware attack, that computer cannot be completely salvaged.
macOS Firmware in Some Machines Is Vulnerable
Researchers from Duo Labs gathered data from over 73,000 Mac computers at organizations working in several industries to see whether the machines were running the proper firmware, or EFI. They found that many machines running the latest versions of macOS lag behind on firmware, which leaves a core part of the system open to compromise.
Out of 54,000 Apple computers, 4.2% had unexpected versions of the Extensible Firmware Interface (EFI). Among the latest Apple machines, a high percentage (43%) appears in the iMac 16,2 (21.5-inch screen), released in 2015. Three versions of the MacBook Pro (13-inch screen) released last year were also affected, showing between 25% and 35% incorrect firmware.
According to Rich Smith, Duo Labs director of research and development, this deviation shouldn't exist in any machine, and where it does exist it is a significant issue that has to be addressed. The problem with a failed firmware update is that it doesn't warn the user when it fails, so the failure is silent and the machine stays vulnerable without the user knowing.
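Because a failed firmware update is silent, the gap only shows up when installed EFI versions are compared against what each model and OS build should be running. The following is an added example, not code from Duo Labs or Apple: the baseline table, the inventory rows and the 'PREFIX.NNNN.BNN' version layout are constructed assumptions used to show the comparison and the per-model deviation rate.

```python
from collections import defaultdict

# Constructed placeholder baseline: expected EFI version per (model, OS build).
EXPECTED_EFI = {
    ("iMac16,2", "BUILD-A"): "IM162.0100.B05",
    ("MacBookPro13,1", "BUILD-A"): "MBP131.0200.B10",
}
# Constructed fleet inventory rows: (host, model, os_build, installed_efi).
FLEET = [
    ("host01", "iMac16,2", "BUILD-A", "IM162.0100.B05"),
    ("host02", "iMac16,2", "BUILD-A", "IM162.0090.B02"),
    ("host03", "MacBookPro13,1", "BUILD-A", "MBP131.0200.B10"),
    ("host04", "MacBookPro13,1", "BUILD-A", "MBP131.0200.B08"),
    ("host05", "MacPro6,1", "BUILD-A", "MP61.0116.B21"),   # no baseline known
    ("host06", "iMac16,2", "BUILD-A", "garbled"),          # unreadable report
]

def parse_efi(version):
    """Split 'PREFIX.NNNN.BNN' (layout assumed here) into a comparable tuple."""
    parts = version.split(".")
    if len(parts) != 3 or not parts[2].startswith("B"):
        return None
    try:
        return parts[0], int(parts[1], 16), int(parts[2][1:], 16)
    except ValueError:
        return None

def classify(model, os_build, installed):
    expected = EXPECTED_EFI.get((model, os_build))
    if expected is None:
        return "no-baseline"          # cannot judge; report separately
    got, want = parse_efi(installed), parse_efi(expected)
    if got is None or want is None or got[0] != want[0]:
        return "unparseable"          # treat as a deviation, never as a pass
    if got[1:] == want[1:]:
        return "expected"
    return "behind" if got[1:] < want[1:] else "ahead"

def audit(fleet):
    findings, per_model = {}, defaultdict(lambda: [0, 0])  # [deviating, judged]
    for host, model, os_build, efi in fleet:
        status = findings[host] = classify(model, os_build, efi)
        if status != "no-baseline":
            per_model[model][1] += 1
            per_model[model][0] += status != "expected"
    return findings, {m: round(100 * d / t, 1) for m, (d, t) in per_model.items()}

if __name__ == "__main__":
    print(audit(FLEET))
```

Hosts with no baseline are kept out of the percentages so that an unknown model is neither counted as healthy nor inflates the deviation rate.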
Your software may be secure while your firmware remains vulnerable. Meanwhile, Apple is working on making its devices safer by adding a tool in macOS 10.13 that reveals whether the firmware has been hacked or compromised.
If you're using machines that might be vulnerable to such attacks, consider scrapping the vulnerable ones, using them for duties that are not very important, or buying new ones.