Thunderstrike 2 Mac Malware and other serious Apple exploits: how to effectively check?

Solution 1:

There are several tools available from Howard Oakley’s site that I would recommend that you look at.

SilentKnight – a new generation with fully automatic security checks

[C]heck whether your Mac is up to date automatically. Checks EFI firmware, security settings and data files, and has both a summary Help page and a detailed reference. Update handles firmware checks in Sierra more leniently now it is unsupported.

silnite – a command tool which performs the same checks as SilentKnight

If you’re managing Macs on a network, this is an invaluable way of checking EFI firmware, security settings including SIP and FileVault, and security data file updates. A choice of two levels of detail, which can include checks against my database of current versions, and reports to stdout in either text or JSONised XML. Can also download and install waiting updates. Update improves firmware checking.

LockRattler – a quick check of your security systems

LockRattler checks your Mac’s basic security systems are active, reports version numbers of security configuration files which are active, the latest updates installed, and makes it easy to check for and install updates. Ideal for checking that SIP is enabled, and it has Apple’s latest silent security updates.

Those three tools can be found at https://eclecticlight.co/lockrattler-systhist/.

All are available for free.

He has other free tools which can all be found linked to https://eclecticlight.co/downloads/.

I realize these are 3rd-party tools, but they are also the best ways that I know of to actual accomplish your goal of checking to make sure things are up-to-date.