Not so long ago, we talked about "Thunderstrike" a vulnerability in the firmware of some Ma computers that can be overwritten using a Thunderbolt device loaded with a ROM (read only memory, or read-only memory) special replacement.
This problem was solved in the OS X Yosemite 10.10.2, which is still in the testing phase and is expected to be released to the general public soon.
According to iMore, Apple had to change the code to not only prevent the Mac's boot ROM from being replaced but also to revert it to a state in which the attack was possible again. According to people with access to the latest beta version of OS X 10.10.2 and who are familiar with the ?Thunderstrike? and the way everything works, these changes have already been made.
It is worth noting that Ma also fixed three OS X vulnerabilities disclosed by Project Zero (from Google) in 10.10.2.