![]() ![]() If the firmware version displayed in the hardware overview is older than that listed for your Mac, then download the firmware and apply the update. Apple has stopped updating that page since September 2017. You can compare that to the firmware update number Apple lists in a support document dedicated to EFI and SMC updates for Intel-based Mac computers. In the hardware overview section macOS displays the Model Identifier, the Boot ROM version and the SMC version number your Mac is running. You can check what EFI version your system is running by clicking on the Apple menu and selecting About This Mac > System Report > Hardware. How You Can Check the EFI Firmware Version However, if you are running one of the 16 Mac models identified by Duo Labs, there is a chance that your system hasn’t received any EFI update at all: iMac 7,1 to 10,1, MacBook 5,1 and 5,2, MacBook Air 2,1 and more. That leaves a security hole in the system, because although users might have the latest OS version installed, if the EFI firmware is an older version, it lacks the latest fixes of known firmware issues.Īpple released EFI updates separately, but since 2015 the EFI update is bundled in the software update Apple has been pushing out to users. What Does That Mean to Mac Users?Īfter analyzing 73,000 Macs currently in use, Duo Labs has discovered a discrepancy between the firmware versions they expected the machines to be running and the actual EFI version installed. The catch is that the flaw isn't new and seems to require physical access to the Mac in order to work. The vulnerability allowed the CIA, for example, to spy on targeted Mac users, as a so-called Vault 7 cache of secret CIA documents released by WikiLeaks show. That changes with macOS 10.13 High Sierra, which contains a tool validating the authenticity of the firmware running on the Mac. Due to the firmware's level of privileges, if a hacker can gain access to it then their attack cannot be detected. EFI is the BIOS replacement originally developed by Intel that aims to overcome the limitations of the PC BIOS. The flaw, discovered by security researchers at Duo Labs, is in the EFI (Extensible Firmware Interface) firmware, which sits beneath the operating system. Still, Apple now has to address an industry-wide issue that leaves a portion of Macs vulnerable to hacker attacks. You can then boot the key using the Mac Pro built-in boot selector (holding Alt before the chime).Īnd voilà, you're set.At every opportunity, Apple touts the security advantages of controlling both software and hardware: it's why the “It just works” slogan has become synonymous with the company. you can also take a shell.efi binary (for instance, from rEFIt's tools), rename it to boot.efi and copy it at the root of a FAT formatted USB key. To boot the EFI Shell, simply install rEFIt. In order to use it, copy the two files to a EFI accessible partition (FAT or HFS), boot to the EFI Shell, and simply issue the command: SmcFlasher.efi -LoadApp m43a.smc If you edited the file properly, its md5 sum should now be 84dbe9708eafc0c29653414b06292f8e. The next 9 bytes replace a comparison and a conditional jump (related to a global variable set by isValidConfig) by 9 nops.Īnd the last 5 bytes replace the call to the function that prevents from downgrading the SMC firmware by xor eax, eax inc eax nop nop. The first 5 bytes replace the call to the function that checks whether the upgrade path is approved by Apple (isValidConfig) by xor eax, eax nop nop nop. Here is the list of modifications you have to make: Sorry, but I won't host proprietary licensed binaries here. Then, using a hex editor, you'll have to modify the EFI updater, in order to bypass the hardware check (which prevents from flashing anything that doesn't follow the approved path). SmcFlasher.efi is the EFI update tool, m43a.smc is the SMC firmware. Next, get the required resources from the included package/app: Anything else, I can't guarantee.įollowing MacEFIRom's work on his Mac Pro 2006-2007 Firmware Tool (you need to be registered to see the download link), here is a way to update the SMC, to complete the 2006-2007 conversion.įirst, get the firmware update tool from Apple, at (md5 sum: 40c5e766f5b59c56501240f6cb732112). I did the update on a 2006 Mac Pro, running the 06 EFI firmware and 1.7f10 SMC firmware. Disclaimer: This is totally unsupported! I won't be responsible if you Mac Pro catches fire or simply refuses to boot afterwards.
0 Comments
Leave a Reply. |