Firmware Bug in OSX Could Allow Installation of Low-Level Rootkits

There is a vulnerability buried deep in the firmware of many Apple laptops that could allow an attacker to overwrite the machine’s BIOS and install a rootkit, gaining complete control of the Mac.

The vulnerability lies in the UEFI system on some older MacBooks, and researcher Pedro Vilaca discovered that after a MacBook is put to sleep and then brought back up, the machine’s low-level firmware is left unlocked.

“And you ask, what the hell does this mean? It means that you can overwrite the contents of your BIOS from userland and rootkit EFI without any other trick other than a suspend-resume cycle, a kernel extension, flashrom, and root access,” Vilaca wrote in an explanation of the vulnerability and attack.
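As an added illustration that is not part of the article or of Vilaca's own research, the following Python decodes the Intel PCH flash-protection bits a defender would compare before a sleep and after a resume; a lock that is present before sleep and gone after resume is the failure mode described above. Register offsets and bit positions are assumed from Intel PCH datasheets (BIOS_CNTL at LPC config offset 0xDC, HSFS at SPIBAR+0x04, PRx protected ranges), and reading them from hardware is left to a tool such as flashrom or chipsec; the sample readings are constructed, not captured.

```python
from typing import Dict, Sequence, Tuple

# BIOS_CNTL bits (LPC bridge, PCI config offset 0xDC; assumed from Intel PCH datasheets)
BIOSWE = 1 << 0    # BIOS Write Enable: 1 = flash writes allowed
BLE = 1 << 1       # BIOS Lock Enable: setting BIOSWE raises an SMI
SMM_BWP = 1 << 5   # SMM BIOS Write Protect: writes only from SMM
# HSFS bits (SPIBAR + 0x04)
FLOCKDN = 1 << 15  # Flash Configuration Lock-Down: PRx registers frozen
# Each PRx register: bit 31 = write-protect enable for that range
PR_WPE = 1 << 31

Reading = Tuple[int, int, Sequence[int]]  # (bios_cntl, hsfs, [pr0..pr4])


def decode_locks(bios_cntl: int, hsfs: int, prs: Sequence[int]) -> Dict[str, bool]:
    """Break the raw register values into the individual protections."""
    return {
        "bioswe": bool(bios_cntl & BIOSWE),
        "ble": bool(bios_cntl & BLE),
        "smm_bwp": bool(bios_cntl & SMM_BWP),
        "flockdn": bool(hsfs & FLOCKDN),
        "pr_active": any(pr & PR_WPE for pr in prs),
    }


def flash_locked(bios_cntl: int, hsfs: int, prs: Sequence[int]) -> bool:
    """Treat the flash as locked only when the lock-down bit is set together
    with at least one enabled protected range, or when SMM write protection
    is on; BLE alone is not enough, since BIOSWE can be re-enabled."""
    s = decode_locks(bios_cntl, hsfs, prs)
    return (s["flockdn"] and s["pr_active"]) or s["smm_bwp"]


def lost_lock_after_resume(before: Reading, after: Reading) -> bool:
    """True when protections were in place before sleep and are missing after resume."""
    return flash_locked(*before) and not flash_locked(*after)


# Constructed sample readings (not real captures): FLOCKDN and one protected
# range covering part of the BIOS region before sleep; everything cleared after.
BEFORE_SLEEP: Reading = (0x02, 0x8008, [0x8FFF0190, 0, 0, 0, 0])
AFTER_RESUME: Reading = (0x00, 0x0008, [0, 0, 0, 0, 0])

if __name__ == "__main__":
    print("before sleep locked:", flash_locked(*BEFORE_SLEEP))
    print("after resume locked:", flash_locked(*AFTER_RESUME))
    print("lock lost on resume:", lost_lock_after_resume(BEFORE_SLEEP, AFTER_RESUME))
```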

The attack is somewhat similar to one known as Thunderstrike, which was disclosed late last year and allowed a researcher to deliver a bootkit through a peripheral device connected to the Thunderbolt port. That attack, developed by a researcher named Trammell Hudson, could install malware that would survive an OS reinstall, as could the one developed by Vilaca.

“Since it is the first OS X firmware bootkit, there is nothing currently scanning for its presence. It controls the system from the very first instruction, which allows it to log keystrokes, including disk encryption keys, place backdoors into the OS X kernel and bypass firmware passwords,” Hudson said in January. “It can’t be removed by software since it controls the signing keys and update routines. Reinstallation of OS X won’t remove it. Replacing the SSD won’t remove it since there is nothing stored on the drive.”

By email, Vilaca said that the issue he discovered is more concerning than the Thunderstrike attack.

“Anyone who has developed Thunderstrike-like capabilities can exploit this bug right away with minimal effort. It’s more powerful than Thunderstrike because it allows remote attack vectors while Thunderstrike is mostly a local and physical attack to the target machines,” he said via email.

Vilaca said in his analysis that he has tested the attack on a MacBook Pro Retina, a MacBook Pro 8.2, and a MacBook Air, all running the latest available version of the EFI. The vulnerability can be exploited remotely, Vilaca said. 

“The bug can be used with a Safari or other remote vector to install an EFI rootkit without physical access. The only requirement is that a suspend happened in the current session. I haven’t researched but you could probably force the suspend and trigger this, all remotely. That’s pretty epic ownage,” Vilaca said.

He added that he believes Apple may know about this vulnerability already, as it doesn’t seem to be present on machines sold after about the middle of 2014. 

“The issue at stake is that I believe Apple has a corporate culture problem regarding security (like Microsoft had many years ago) and they only seem to react when pushed against a corner. If they indeed knew about the bug – because I don’t believe it’s a coincidence not working in latest machines – then they keep their pattern of not patching older versions,” Vilaca said.  

“This is a bad policy and at least if they want to put it in practice at least be straightforward with customers and warn them about the issues. People can then take informed decisions about their risks. Of course this is wishful thinking and they will not shoot their own foot coming forward with things like this. But that’s a philosophical discussion about management around the world and why it’s so wrong these days.”
