Last Week on My Mac: The quiet firmware revolution

By: hoakley
19 October 2025 at 15:00

The most worrying feature of the current AI ‘revolution’ is how heavily it’s being promoted by everyone from vibe coders to governments. The best and most enduring revolutions are quiet, and bring change because they’re so compelling. If something new has to be heavily evangelised, look deeply inside it to discover why, and who stands to gain most from that snake-oil.

In the case of Mac firmware, change has been so underplayed that you might not have realised what has happened over the last decade. But Macs have gone from impending disaster in Thunderstrike 2 with many running old firmware known to be vulnerable, to Secure Boot and thoroughly reliable updates.

In 2015 Trammell Hudson, Xeno Kovah and Corey Kallenberg demonstrated a firmware worm they named Thunderstrike 2 that could have been abused to insert malware in boot flash storage in Macs. Had that been exploited it would have been disastrous. Apple acted quickly by hiring Kovah and Kallenberg, and a third firmware security researcher, Nikolaj Schlej, but shortly after that Rich Smith and Pepijn Bruienne, then of Duo Labs, reported that many Macs were running outdated firmware. When Apple addressed Thunderstrike 2 it could thus have taken a year or more before most Macs would have been protected.

While Kovah, Kallenberg and Schlej were busy securing firmware, and developing eficheck to routinely screen it in every Mac each week, several of us were trying to work out how to maintain a list of current firmware versions for users to check their Macs against. The answer came in eficheck, which obligingly informed us of those it accepted, and we then discovered how to extract firmware update information from macOS updates, for which I’m eternally grateful to Pico for doing the work. From 4 October 2017 those version lists have been published on this blog.

Two years later, in July 2019, firmware version checking was automated in EFIcienC, the precursor to SilentKnight, and became one of the pillars of checking that your Mac was secure.

In my latest revision of that guidance I was at last able to write that firmware “no longer needs to be checked separately” from macOS. My latest list of firmware versions for macOS 26 Tahoe contains just two, compared with over 39 given for High Sierra. The concern of dozens of articles here over those ten years, firmware and its updating can now be trusted, as Macs have moved from EFI to iBridge (T2) and iBoot (Apple silicon), with modern macOS updaters that install firmware reliably. Well, almost every time.

While Apple implies this in its Platform Security Guide, this remains a quiet revolution that didn’t mean anything to marketing, nor was there any mention in a press release. Neither do Apple’s support notes explain how it makes Apple silicon Macs the first to run the firmware matched with their macOS, and to be fully downgradable using IPSW image files.

This journey hasn’t been smooth, and many will still remember models such as the iMac Retina 5K 27-inch Late 2015 (iMac17,1), which in certain configurations simply wouldn’t update its firmware. We discovered that some other Macs updated reliably until their internal storage was replaced. In the end it was the introduction of the T2 chip that made the big difference, bringing the same EFI and iBridge versions across the whole range of Macs.

Compare this with UEFI Secure Boot, an option that Apple wisely decided not to pursue. One recent vulnerability that could have allowed an attacker to deploy malicious bootkits in systems with Secure Boot enabled was reported by ESET in June 2024, but that vulnerable firmware wasn’t revoked by Microsoft until 14 January 2025. Another recent UEFI vulnerability affecting multiple models of Framework computers, BombShell, allows bypass of their Secure Boot, requiring firmware updates that are still being rolled out.

Sometimes we need to look back to see how far we have come.
