MUMBAI, INDIA: Security firm Symantec has detected a critical vulnerability in some Apple Mac models that can allow hackers to inject systems with persistent rootkit malware.
To date, Symantec has tested four different Mac computer models. The security firm found that the Mac Mini 5.1 and MacBook Pro 9.2 are vulnerable, whereas the MacBook Pro 11.3 and MacBook Air 6.2 are not affected. Vilaca's tests verified the MacBook Pro Retina 10.1, MacBook Pro 8.2, MacBook Air 5.1 and Mac Pro 9.1 are vulnerable. All computers tested ran on Apple's latest firmware versions.
Called the Apple Mac OS X EFI Firmware Security Vulnerability, the malware was originally disclosed last week by security researcher Pedro Vilaca.
"While such vulnerabilities are not widespread, they do emerge from time to time. Once an attacker has root access, the only condition required for successful exploit is that the computer enter sleep mode," Symantec asserts.
The reason being flash protections of some Mac models are left unlocked during the period, and this provides hackers enough time to reflash the computer's firmware and install Extensible Firmware Interface (EFI) rootkit malware.
Once installed, the malware can remotely control your system and potentially steal user data even though the system wipe is set in motion. Researchers however, point out that this attack may not impact masses, but is generally used to spy upon specific, targeted users with valuable data.
Symantec suggests that till the time Apple issues a firmware patch to fix the security flaw, users are advised to shut down their computers rather than put them in sleep mode.