“Thunderstrike 2” rootkit uses Thunderbolt accessories to infect Mac firmware [Updated]
Update: Apple tells us that this bug has been at least partially patched in OS X 10.10.4, so this particular version of Thunderstrike shouldn’t be of immediate concern to users of fully updated Macs. We’ve reached out to Trammell Hudson for confirmation and will update the post if we receive further information.
Update 2: Hudson has posted more details about Thunderstrike 2 and the status of Apple’s fixes to his Web site.
Thanks to a firmware update and OS X 10.10.4, he says Macs are “no longer trivially vulnerable,” but he lists several vulnerabilities that Apple still needs to fix; the company has been informed of the problems. Hudson and Xeno Kovah, the other researcher who helped develop Thunderstrike 2, will be presenting more details in a talk at the Black Hat conference tomorrow.