Apple OS X 10.10.2 to fix 'Thunderstrike' issue and more

"Thunderstrike" is the name for an attack that can target Mac hardware via the Thunderbolt port. Apple has already updated the iMac with Retina 5K and the 2014 Mac mini to partially secure them from Thunderstrike. Next, the company plans to address the issue on all Macs running Yosemite with OS X 10.10.2

Apple has already started seeing out OS X 10.10.2 to developers earlier this week, and should push the update to general users once the initial testing is complete.

To secure against Thunderstrike, Apple had to change the code to not only prevent the Mac's boot ROM from being replaced, but also to prevent it from being rolled back to a state where the attack would be possible again. According to people with access to the latest beta of OS X 10.10.2 who are familiar with Thunderstrike and how it works, that's exactly the deep, layered process that's been completed.

In the meantime, no instances of Thunderstrike have been found in wild, and the attack requires either physical access to the targeted computer, or social engineering sufficient to trick the owner into "attacking" themselves.

Besides fixing the Thunderstrike issue, OS X 10.10.2 also fixes three recently disclosed Project Zero vulnerabilities[*]. The Project Zero vulnerabilities are reportedly not highly critical. None of these exploits can be used remotely, which means they'd need to be combined with remote exploits or with physical access to the hardware to be put to any practical use.



source - TidBITS | Ars Technica

[*] Google [ 1 | 2 | 3 ]