Apple Is Moving Quickly to Fix Thunderstrike Bug

The Thunderstrike 2 worm will be patched in the next version of OS X.

Aug 5 2015, 4:29pm

Photo: Wikimedia Commons

Apple is moving quickly to quash vulnerabilities in its Mac firmware. The Guardian reported today that Apple will push out an update "as soon as possible" that will patch vulnerabilities that the recently developed Thunderstrike 2 worm targets. The patch is expected to be included in OS X 10.10.5.

The Thunderstrike 2 worm was developed by Xeno Kovah, a security researcher at LegbaCore, and Trammell Hudson, an engineer at Two Sigma Investments, and it was designed to infect the firmware of Mac computers.

The worm specifically targets the BIOS, the "heart" of the computer that loads up your operating system and interfaces your mouse and keyboard when you turn your computer on. Kovah and Hudson exploited shared code between HP, Dell, and Lenovo computers to uncover BIOS vulnerabilities back in January—this sort of hacking was largely the NSA's domain. Recently, the worm was modified to attack Mac computers, using phishing emails and code offloaded via malicious websites as vectors.

The worm would then overwrite the machine's firmware and seek out other peripherals to infect through connections via the Thunderbolt adapter. A Wired demo shows that the worm can even infect solid state drives and Thunderbolt ethernet adapters.

"Because people haven't been patching their BIOSes, all of the vulnerabilities that have been disclosed over the last couple of years are all open and available to an attacker," the two told Wired.

And because the BIOS has historically been sensitive to mess around with (for a while it's been very user-unfriendly to update, though now that's changed in recent PCs), BIOS hacks have been mostly unheard of until earlier this year.

Luckily for Mac users, this should all soon be a thing of the past.