Mac Security

Is Out-of-Date EFI Firmware Putting Your Mac at Risk?

Michael McConnell 06-11-2017

When news breaks of a Mac security flaw, it almost always makes headlines. It should not be a surprise that a paper about Mac’s potential vulnerability to an EFI exploit became big news, even when the study’s authors say that most consumer users should not worry.


Most EFI attacks require physical access and sophisticated tools. However, they do warn about the risk when crossing borders during travel. Corporate users that have to protect sensitive data are also at risk.

If that sounds like you, how do you defend yourself?

What Is EFI?

You may be thinking: “I never downloaded EFI! How does it make my computer vulnerable?”

In Macs, the EFI is the boot firmware for your computer. It was the replacement for the Power PC Open Firmware Are There Still Any Legitimate Uses For a PowerPC Mac? Not sure what to do with your old PowerPC Mac? Here are some ideas. Read More . Its most basic function is loading macOS, and loading your preferences and settings from NVRAM. This same tech is on newer PCs as well and is more commonly known as UEFI What Is UEFI And How Does It Keep You More Secure? If you've booted your PC recently you might have noticed the acronym "UEFI" instead of BIOS. But what is UEFI? Read More .

The Simple Method

The simplest way to protect your Mac from these sort of EFI attacks is to update your Mac to macOS 10.12.6 or later A Complete Guide to Updating Your Mac's Software There's no one-size fits all maintenance solution, so it pays to understand how updates for your Mac and its software work. Read More . At this point, your EFI updates apply as part of the OS updates. You can find your current version by going to the Apple Menu and selecting About This Mac.


out-of-date efi firmware mac risk

If you do not see Version 10.12.6 under the macOS Sierra logo, you need to apply updates to your system. Open the Mac App Store and click on the Updates tab at the top. Any available updates show up in this panel. Check to see the target version for each update and repeat until you are at 12.6. You need to reboot several times as the updates apply, so be sure to save your work.

Note: You should always create a backup How to Partition Your External Time Machine Hard Drive Here's how to partition an external hard drive for Time Machine on your Mac so you can store other files too. Read More before installing major updates and operating system upgrades.

Some Macs may not have gotten any updates to their EFI. You can see a list in the paper. The shorthand version is that Macs from earlier than 2010 were not updated at all. Other Macs may not support the latest macOS 6 Signs It's Time to Replace Your Mac How long do Macs last? What are the signs that let you know when to get a new Mac? Here's when you should replace your Mac. Read More , making for more complicated updates.


Checking Your Vulnerability

Before you head down the road of chasing down your EFI manually, you want to check if you even have an issue. Thankfully as a part of the study, the researchers created a set of tools to test your EFI.

To check your status, you need to go to a web page and copy some information from your system report. First, open this page.

out-of-date efi firmware mac risk

The site asks you for three pieces of information: EFI Version Number, Mac Model ID, and Build Number.


The first is pretty self-explanatory, this is the version of EFI your Mac is currently running. Your Mac Model ID is the Model Name with a number that you see in Apple Support documentation. For example, MacBookAir5,1 is a 2012 MacBook Air.

The build number is an Apple shorthand for your particular version of macOS. None of this is uniquely identifiable, so you are not putting your privacy at risk when sharing it with the site.

To find your EFI version, open the system report. Hold Option and click the Apple menu How the Mac Option Key Can Give You More Menu Options The Option key on most Mac keyboards tend to be overlooked. Well, it can do a lot of cool stuff like adding new options to various right-click context menus! Read More , About This Mac changes to System Information. Then, click that to open the System Report. It should open in the Hardware Overview section. If it does not, click Hardware in the left-hand pane to pull it up.

out-of-date efi firmware mac risk


Closer to the bottom of the list you should see an entry: Boot ROM Version. Copy this and paste it into the top field of the site. To get the Mac Model ID, we stay on the same page. The second entry on the page is labeled Model Identifier, copy that and paste it into the second field.

out-of-date efi firmware mac risk

To get the final piece of info, click on Software in the left pane. On that page, the first entry is System Version. It is the full name of your current operating system followed by a code in parentheses. Copy the info inside the parentheses. Then, paste it into the third box.

out-of-date efi firmware mac risk

Finally, click Go. The site compares your info against their database. If you run High Sierra, you get an error that it cannot find a matching EFI version. However, most older versions of macOS return a message about your EFI.

If it says your version matches, you can move on confident that you are not vulnerable. If you get a message that it does not, you need to get an update.

Finding Your Updates Manually

If the site says that you have a vulnerable EFI, you need to get an update. If you are not getting any from the Mac App Store, search for them on Apple’s Support Downloads site. There is not an easy way to get there from the support home page, so use this link.

out-of-date efi firmware mac risk

Click on the Mac Notebooks or Mac Desktops link, and paste in the system name from your about this Mac. It looks something like this: MacBook Air (11-inch, Mid 2012). Because Apple uses this text in the update details, it helps filter out other model years of your Mac.

out-of-date efi firmware mac risk

Look for the latest entry named Your model name EFI Firmware Update x.x. and click on it. This page has the details of the update including what problems it fixes. Download the disk image and mount it. Next, run the package and follow the prompts to update your system to the latest version. Also, you may want to check some of the other downloads for your Mac to make sure that you are not missing any updates.

But the Mac Is Impervious to Hacking!

The study chose Macs because of a homogeneous hardware base. That does not mean Apple is the only manufacturer with EFI issues. PC users should check that they have applied all hardware updates to their machines How to Update Your UEFI BIOS in Windows Most PC users go without ever updating their BIOS. If you care for continued stability, however, you should periodically check whether an update is available. We show you how to safely update your UEFI BIOS. Read More .

EFI attacks are tricky because they need hardware access, but they are not impossible. The Mac has gained market share recently, especially with more businesses adopting Macs. A more substantial user base has made the Mac a more attractive target for hackers New OSX/Dok Malware Takes Over Your Mac: What to Do and How to Prevent It If you're a Mac user who looks down on "virus-prone" Windows users, the newly-dubbed OSX/Dok malware is a wake-up call. Here's how to prevent or remove it. Read More . As a result, Mac users need to think more about security Here's The Only Mac Security Software You Need For most people, OS X is fairly secure out of the box — and there are a number of programs out there that potentially do more harm than good. Read More .

What is a security tip that you think Mac users need to know 10 Security Checks Everyone Should Perform Regularly Security doesn't have to be a long-winded concern. You can spend just a few minutes here and there to secure your online life. Try these vital methods to start. Read More ? Are there any persistent myths about Mac security you want to dispel? Let us know in the comments.

Image Credit: Rangizzz/Depositphotos

Related topics: Computer Security, Software Updater.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *