Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


   Mac EFI Security Update 2015-001

   Agen G. N. Schmitz

   Apple has released [1]Mac EFI Security Update 2015-001 for OS X 10.8.5
   Mountain Lion and 10.9.5 Mavericks, which prevents a malicious
   application with root privileges from modifying a Mac's EFI flash
   memory. Additionally, the EFI (Extensible Firmware Interface) update
   shuts down a memory corruption bug (also known as 'Rowhammer') that
   existed on some DDR3 RAM that could enable full read-write access.
   These EFI updates are also included on the 10.10.4 Yosemite release
   (see '[2]Apple Improves Networking in OS X 10.10.4,' 30 June 2015). Mac
   EFI Security Update 2015-001 is available as a [3]direct download as
   well as via Software Update. (Free, 101 MB)

References

   1. https://support.apple.com/en-us/HT204934
   2. http://tidbits.com/article/15763
   3. https://support.apple.com/kb/DL1823?locale=en_US

.