UEFI firmware security overview
Since 2006, Mac computers with an Intel-based CPU use an Intel firmware based on the Extensible Firmware Interface (EFI) Development Kit (EDK) version 1 or version 2. EDK2-based code conforms to the Unified Extensible Firmware Interface (UEFI) specification. This section refers to the Intel firmware as the UEFI Firmware. The UEFI firmware was the first code to execute on the Intel chip.
In order to prevent attacks that physically attach to the firmware storage chip that stores UEFI firmware, Mac computers were re-architected starting in 2017 to root the trust in the UEFI firmware stored in the Apple T2 Security Chip. On these Mac computers, the root of trust for the UEFI firmware is specifically the T2 firmware. This design relies on the T2 to protect the UEFI firmware (and Secure Boot as a whole) from persistent infection, in much the same way that boot is protected by the A Series SoCs in iOS and iPadOS.
For Mac computers without the Apple T2 Security Chip, the root of trust for the UEFI firmware is the chip where the firmware is stored. UEFI firmware updates are digitally signed by Apple and verified by the firmware before updating the storage. To prevent rollback attacks, updates must always have a version newer than the existing one. However, an attacker with physical access to the Mac could use hardware to attach to the firmware storage chip and update the chip to contain malicious content. Likewise, if vulnerabilities are found in the early boot process of the UEFI firmware (before it write-restricts the storage chip) this could also lead to persistent infection of the UEFI firmware. This is a hardware architectural limitation common in most Intel-based PCs which is present in all Mac computers without the T2 chip.
To address this limitation, Mac computers were re-architected to root the trust in the UEFI firmware in the Apple T2 Security Chip. On these Mac computers, the root of trust for the UEFI firmware is specifically the T2 firmware, as described in the macOS boot section later in this section. To achieve a persistent UEFI firmware infection, an attacker would need to achieve a persistent T2 firmware infection.
Intel Management Engine (ME)
One subcomponent which is stored within the UEFI firmware is the Intel Management Engine (ME) firmware. The ME — a separate processor and subsystem within Intel chips — can be used for remote management, protected audio and video, and security enhancement. To reduce that attack surface, Mac computers run a custom ME firmware from which the majority of components have been removed. This allows the Mac ME firmware to be smaller than the default minimal build that Intel makes available. Consequently, many components (such as Active Management Technology) that have been the subject of public attacks by security researchers in the past are not present within Mac ME firmware. The primary use of the ME is audio and video copyright protection on Mac computers that have only Intel-based graphics.