bochoven
commented
7 years ago @rickheil was working on that, I believe.
Open childrss opened 7 years ago
bochoven
commented
7 years ago @rickheil was working on that, I believe.
jelockwood
commented
5 years ago @rickheil @bochoven @childrss
With Mojave Apple significantly changed the format of the EFI version string as seen in the 'usual' places. I believe due to this the EFIgy project is now sadly defunct since it no longer seems to work and the project page on GitHub is not active. (Subsequent High Sierra security updates also resulted in the same EFI version format change.)
If someone was to takeover and maintain a similar database then I believe this should still be possible. There is also in fact an alternative method to find and display the EFI version which more resembles the previous format and as such is more useful. As an example the 'new' EFI format string on my MacBook Pro 13-inch early 2015 is 180.0.0.0.0 but the command
/usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check
returns "EFI Version: MBP121.88Z.0178.800.1809171422".
See https://eclecticlight.co/2018/10/31/which-efi-firmware-should-your-mac-be-using-version-3/ and https://eclecticlight.co/2018/06/02/how-high-sierra-checks-your-efi-firmware/
Is anyone working on adding the EFI firmware bios version checking module to the Security Report for MunkiReport? Something that would quickly show (Ala the SMART failure status module) how many Macs have out-of-date firmware?
It could be useful per the Duo Security announcement late Sept 2017 regarding out-of-date Mac EFI's that is currently making the rounds at our institution :-/
Some open-source python code from Duo that could be useful... https://github.com/duo-labs/EFIgy