CVE-2015-3692

Name of the Vulnerable Software and Affected Versions Apple Mac EFI versions before 2015-001 OS X versions prior to 10.10.4

Description The issue allows local users to conduct EFI flash attacks by leveraging root privileges, due to the lack of a locking protection mechanism when the system is woken from sleep.

Recommendations For Apple Mac EFI versions before 2015-001, update to version 2015-001 or later. For OS X versions prior to 10.10.4, update to OS X version 10.10.4 or later.