Thunderstrike2
Latest
Apple bought the company that exposed its flawed firmware
What do you do when researchers create a worm that infects your company's firmware? If you're Apple, you buy the researchers. Last August, news broke of a exploit named "Thunderstrike 2." Delivered by a simple link, the worm could silently modify a Mac's firmware, meaning that even an OS reinstall wouldn't remove it. Thankfully, the researchers responsibly informed Apple of the issue, and the company had mostly solved this particular problem before it went public.
Apple will patch the DYLD bug in its next OS X release
Apple will patch the dangerous DYLD "privilege escalation" bug in its next OS release, Mac OS X 10.10.5, The Guardian reports. The DYLD bug allows a program to run with administrator access but without requiring an admin-level password. And unlike the Thunderstrike 2 worm, which has already been partially patched, the DYLD bug has been both spotted in the wild and remains unaddressed at this time. [Image Credit: the Associated Press]
