Duo Labs conducted an extensive data analysis on the state of Apple’s EFI security from two main perspectives. The first was analysing all EFI updates released by Apple since OS X 10.10.0 through macOS 10.12.6 to fully characterise the security support provided across different Mac models and OS versions. In addition to the data analysis discussed above, our research also aims to shine a light on the mechanisms used to update Apple’s EFI itself — discussing how Apple’s EFI updater tools operate and the controls they have in place.
By Rich Smith & Pepijn Bruienne
Full Abstract & Presentation Materials: https://www.blackhat.com/eu-17/briefings.html#the-apple-of-your-efi-an-updated-analysis-of-the-state-of-apples-efi-security-support