There’s stories in multiple news sites today about a UEFI firmware bug in Apple systems, by security researcher Pedro Vilaça (@osxreverser), that is somewhat similar to Thunderstrike.
According to Dennis Fisher’s story at Threatpost, “The vulnerability can be exploited remotely, Vilaca said.” Threatpost also states: “He added that he believes Apple may know about this vulnerability already, as it doesn’t seem to be present on machines sold after about the middle of 2014.”
If you have Apple — or perhaps other UEFI-based — hardware, you should follow this story!
More information:
Firmware Bug in OSX Could Allow Installation of Low-Level Rootkits
http://www.pcworld.com/article/2929172/apple-vulnerability-could-allow-firmware-modifications-researcher-says.html
http://www.securityweek.com/efi-zero-day-exposes-macs-rootkit-attacks-researcher
Firmware Security 