This article originally appeared in TidBITS on 2015-06-30 at 9:21 p.m.
The permanent URL for this article is:
Include images: Off

Mac EFI Security Update 2015-001

by Agen G. N. Schmitz

Apple has released Mac EFI Security Update 2015-001 [1] for OS X 10.8.5 Mountain Lion and 10.9.5 Mavericks in order to prevent a malicious application with root privileges from modifying a Mac’s EFI flash memory. Additionally, the EFI (Extensible Firmware Interface) update shuts down a memory corruption bug (also known as “Rowhammer”) in some DDR3 RAM that could enable full read-write access. These EFI updates are also included in the 10.10.4 Yosemite release (see “Apple Improves Networking in OS X 10.10.4 [2],” 30 June 2015). Mac EFI Security Update 2015-001 is available as a direct download as well as via Software Update. (Free, 101 MB)