Computers Apple computers are at risk from flawed updates, researchers find Your Mac should be getting these patches automatically. But it may not be, and that could spell trouble.
In fact, it's the most important thing you can do to keep your computer safe. Say it with me: But there isn't much you can you do if the update doesn't work the way it should.
That's what's happening with some automatic updates to Apple computers. According to research published by Duo Security on Friday , Apple updates can sometimes leave out very important patches to computer firmware, the updatable code that runs on computer processors and other chips. Out of more than 73, Macs reviewed by the researchers, 4. Some models of Apple computers, many of them older, were especially behind the curve, with 16 of them showing no firmware updates and 18 of them appearing only to have been updated before leaving the factory.
In the computers with firmware that was older than expected, "The update failed for some reason, and that failure was never noticed," said Rich Smith, director of research and development at Duo Labs. It's especially dangerous for firmware to be left vulnerable to hackers because it runs very powerful code.
A hacker could use the code to gain complete control over a computer and potentially access any network that the computer can. Apple said it appreciated Duo's research. In an emailed statement, the Mac maker added that it "continues to work diligently in the area of firmware security, and we're always exploring ways to make our systems even more secure.
According to Apple Insider, if an update failed and the firmware isn't up-to-date, users will be asked to send Apple a report affected computers will still be usable.
Firmware is a category of software that sits "in the dark end of the system that people are less familiar with," Smith said. Your laptop, or any computerized hardware , has a silicon chip inside that runs everything. Most importantly, it starts up your computer when you press the power button, but it has more features than that. Sometimes features of that chip are permanent, but some can be updated after you purchase your device. Updating your software is one of the best ways to keep your computer safe from hackers.
But Mac firmware updates sometimes fail without alerting users, leaving computers vulnerable. Court "Firmware is halfway between hardware and software," Smith said. That's progress, Smith said, but his research team suspected the process might still have some hiccups. Apple may not be alone Smith said Windows computers likely have similar or worse problems, but he doesn't yet have data to support that suspicion. His team focused on Apple for "lazy reasons," Smith said.
Each firmware update is tied to a specific version of the operating system on Apple computers, so it's easy to see exactly what firmware you'd expect a given machine to have. What's more, Apple controls everything about its computers, from the manufacture and sale to the updates down the road. The process of building, selling and updating Windows machines is "far more fragmented and complex," and it's harder to know what version of firmware a given computer should be running. Microsoft declined to comment for this report.
Duo Security is releasing open-source tools on Friday it hopes will help users check whether their computers are running the right version of firmware. The tools still need refining before they can help regular people check their firmware, Smith said, so it's not clear when you'll be able to use them. Apple will continue to offer software updates for its previous two operating systems, which would ostensibly include firmware updates, but it won't validate the firmware on a weekly basis.
So for now, the only way to make sure you're running the most current firmware is to update to High Sierra. CNET chronicles tech's role in providing new kinds of accessibility. Welcome to the crossroads of online life and the afterlife.