Apple vulnerability could allow firmware modifications, researcher says
A zero-day software vulnerability in the firmware of older Apple computers could be used to slip hard-to-remove malware onto a computer, according to a security researcher.
Pedro Vilaca, who studies Mac security, wrote on his blog that the flaw he found builds on previous ones but this one could be far more dangerous. Apple officials could not be immediately reached for comment.
Vilaca found it was possible to tamper with an Apple computer’s UEFI (unified extensible firmware interface). UEFI is firmware designed to improve upon BIOS, which is low-level code that bridges a computer’s hardware and operating system at startup.