Skip to main content

Here's the latest security bug your computer could be exposed by

Audio player loading…

A newly discovered firmware vulnerability could leave countless Windows and Mac computers at risk from a hack, according to security researchers from Duo Labs (opens in new tab). The vulnerability could be used by malware to gain deep access to systems.

The bug involves the extensible firmware interface, or EFI, which is the first bit of code that runs when you hit the power button - part of its responsibilities include validating the software that's running on the machine.

Based on tests on 74,000 Apple Macs, the Duo Labs team found that the EFI firmware was not always being updated at the same time as the operating system, leaving a security hole that could potentially be exploited. The vulnerability could also affect Windows PCs, the researchers say (opens in new tab).

Risk assessment

The good news is that a hack taking advantage of the EFI vulnerability would need to be quite a complex one, and it's only really worth the trouble if you've got some pretty important data locked away on your machine.

What's more, Duo Labs says it hasn't spotted anyone actively making use of this security loophole yet - it's working with Apple and other computer makers to get the bug patched. "For most people in most situations, the risk is currently not severe," the researchers say.

If you're on a Mac machine, updating to the latest version of the software (macOS High Sierra) is enough to squash the vulnerability. For more details about how the security vulnerability works and how to guard against an attack, see the Duo Labs blog (opens in new tab).

  • Risk less by shelling out for one of the cheap laptops we’ve found
David Nield
Freelance Contributor

Dave is a freelance tech journalist who has been writing about gadgets, apps and the web for more than two decades. Based out of Stockport, England, on TechRadar you'll find him covering news, features and reviews, particularly for phones, tablets and wearables. Working to ensure our breaking news coverage is the best in the business over weekends, David also has bylines at Gizmodo, T3, PopSci and a few other places besides, as well as being many years editing the likes of PC Explorer and The Hardware Handbook.