OS X Yosemite 10.10.2 update has already gone out to developers and soon will be rolled out to OS X users. The Thunderstrike vulnerability allows malware to be injected into Macs via the Thunderbolt port. It is possible because hardware attached to a system through Thunderbolt port are not as secure as a Mac itself. The update also addresses the three zero-day vulnerabilities previously disclosed by Google’s Project Zero. Apple is preparing to release the second update to its customers in the coming days.
Source: https://thehackernews.com/2015/01/apple-osx-yosemite-thunderstrike-vulnerability.html