Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Mac EFI Security Update 2015-001

Apple has released Mac EFI Security Update 2015-001 for OS X 10.8.5 Mountain Lion and 10.9.5 Mavericks in order to prevent a malicious application with root privileges from modifying a Mac’s EFI flash memory. Additionally, the EFI (Extensible Firmware Interface) update shuts down a memory corruption bug (also known as “Rowhammer”) in some DDR3 RAM that could enable full read-write access. These EFI updates are also included in the 10.10.4 Yosemite release (see “Apple Improves Networking in OS X 10.10.4,” 30 June 2015). Mac EFI Security Update 2015-001 is available as a direct download as well as via Software Update. (Free, 101 MB)

 

Make friends and influence people by sponsoring TidBITS!
Put your company and products in front of tens of thousands of
savvy, committed Apple users who actually buy stuff.
More information: <http://tidbits.com/advertising.html>
 

Comments about Mac EFI Security Update 2015-001
(Comments are closed.)

I really wish Apple would provide some clarity for the machines affected. As far as I can tell the Mac EFI Security Update 2015-001 has patches for machines back to 2011.

Does that mean that Apple arbitrarily decided to only fix machines going back to that year or does it mean that earlier machines are somehow not affected?