The PCILeech connected to a MacBook Air. Image: Ulf Frisk Swedish hacker Ulf Frisk demonstrated his trick in a blog post yesterday (Dec. 15). By simply connecting a device running his PCILeech software to a MacBook Air’s Thunderbolt port, then forcing a reboot, you can gain the system’s password in less than 30 seconds. With that password comes access to FileVault, the encryption software that protects the hard drive, so you’re essentially handing over even a well-protected Mac. MORE: Best Apple Laptops Frisk says Apple’s latest patches, released Wednesday (Dec. 14) will secure your Mac from this attack. To install the update, click the Apple icon in the top left corner of your screen, select App Store and click Updates. How were Macs vulnerable to this attack before macOS 10.12.2? Apple left two vulnerabilities open until now. The first didn’t protect system memory from direct access (known as Direct Memory Access) before the OS boots up completely. The second was that the system stored passwords kept in FileVault in unencrypted plain text, which made those character strings easy to steal during the boot sequence. If you’re curious about how long it takes to patch leaks such as these, Frisk discovered the issue near the end of July of this year, and then presented and released an earlier version of the technology at the DEF CON 24 hacker conference Aug. 5, without singling out Macs as vulnerable. (The same attack method also works on 64-bit Windows and Linux.) Frisk formally notified Apple of the vulnerability Aug. 15, and the company privately responded to him Aug. 16. However, it took until December 13 for Apple to release the security update as a part of macOS 10.12.2. Two days later, Frisk updated the PCILeech code to simplify the Mac attack.

macOS High Sierra Tips

Previous TipNext Tip

How to Download and Install macOS High SierraHow to Use Picture-in-Picture on a MacHow to Use Siri on Your MacHow to Use Optimized Storage in macOS SierraHow to Use Memories in the Photos App on MacHow to Use Messages in macOS SierraHow to Use Apple Pay in macOS SierraHow to Unlock a MacBook with Your Apple Watch