Today an utterly terrifying Apple Mac worm has been spotted. Many Mac users like to think that Apple’s computers are all but safe from any sort of software virus, and with this report that gonna not strictly true. In fact Macs don’t suffer from the same security, or at least virus issues that have plauged the Windows PC for many a year. Security through obscurity has kept the Macintosh OS X system largely at the bottom of the virus food chain, but that doesn’t mean it’s invulnerable, rather it compromising.
Driving to that point home, researchers Xeno Koveh and Trammell Hudson have taken some common PC-based firmware vulnerabilities and tested them out on Macs. In return, all but one of the six vulnerabilities tested were also capable of affecting the Mac, which may come as a surprise.
Two Mac viruses strike at the heart of the Apple’s OS X platform’s secure image. Thunderstrike 2′, a worm which moves from MacBook using hardware, joins privilage escalation bug seen in the wild for the first time. Another one exploits a weakness first confirmed in mid-July, which allows a malicious program that gains access to a Mac to run as though it is the administrator of the computer – a vulnerability known as “privilege escalation”.
For the uninitiated, a firmware vulnerability is one that could allow infection of the set of insructions that govern a PC’s hardware components. Not only is a firmware worm hard to detect, it acannot be removed either by simply wiping the system or reinstalling the operating system as it does not reside on the hard disk. PCs or Macs are not particularly well equipped to prevent such an infection from happenning, and the ease with which they can be infected is concerning.
If that infection counts, does occur, the firmware’s ability to tell the machine what to do when it is in the process of booting or has no operating system running can be comromised, with the consequences being directed indeed. Wired says, infecting a machine could be as easy as getting someone to plug an infected Ethernet adapter into a target Mac, thanks to that hardware’s use of an Option ROM. The worm would then spread to the target machine and any peripherals attached to it will also have an Option ROM. The cycle would then continue as the infected accessory is moved from machine to machine. Clever!
What can you do to protect yourself? Since the security flaws were outlined to Apple, one has been fixed and another is in the process of being fixed, which should give us a hope that Apple is at least working to plug whatever security holes are still available to those keen to hack their way into a Mac.