What you need to do about Thunderstrike 2

TidBITS security editor Rich Mogull responds to Monday's Wired article about Thunderstrike 2, a proof-of-concept firmware worm that infects attached Thunderbolt devices allowing for non-networked transmission to other Macs:

No, nearly everyone can ignore Thunderstrike 2 entirely. The research really is excellent, compelling work that the Wired piece unfortunately turned into a bit of a fright-fest. The Web attack vector, in particular, is blocked in OS X 10.10.4. The worm can’t automatically jump air gaps — those in sensitive environments can easily protect themselves by being careful where they source their Thunderbolt devices, and this entire family of firmware attacks is likely to become a lot more difficult as hardware improves, and as device manufacturers update their firmware code.

What You Need to Know About the Thunderstrike 2 Worm | Rich Mogull for TidBITS

Blocked by Yosemite, Thunderbolt only. Assuming you don't deal in black or gray market external external devices, and you keep your Mac up-to-date, you're probably good.