Apple Squashes EFI Flash Memory Security Holes in OS X Mavericks and Mountain Lion

Apple released Mac EFI Security Update 2015-001 on Monday, a security update for Mountain Lion and Mavericks that patches two flaws dealing with EFI Flash memory. Both flaws would have allowed the bad guys to take over your Mac.

Apple Bug

Apple's patch notes:

Mac EFI Security Update 2015-001

EFI

  • Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
  • Impact: A malicious application with root privileges may be able to modify EFI flash memory
  • Description: An insufficient locking issue existed with EFI flash when resuming from sleep states. This issue was addressed through improved locking.
  • CVE-ID: CVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah and Corey Kallenberg of LegbaCore LLC, Pedro Vilaça

EFI

  • Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
  • Impact: A malicious application may induce memory corruption to escalate privileges
  • Description: A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. This issue was mitigated by increasing memory refresh rates.
  • CVE-ID: CVE-2015-3693 : Mark Seaborn and Thomas Dullien of Google, working from original research by Yoongu Kim et al (2014)

You can download the update through the Mac App Store on Mountain Lion and Mavericks, or you can download the standalone installer (105.4MB) from Apple's support site.