Apple Mac Silicon: Unpatchable Security Flaw Discovered—is it a Threat?

Should you be worried from this Mac Silicon security flaw?

Researchers have joined together in confirming this new Apple Mac Silicon vulnerability that they regarded to be an "unpatchable security flaw" that can break your computer's encryption. It was regarded by the university researchers that all of the current M-series chips of Apple are in danger from this flaw in a process called DMP, with the main reason behind it lies in the processor's architecture.

Since 2020's migration to the Apple Silicon SoCs, the company never looked back and touted it as the best chipset ever for the Mac platform and several iPad devices.

Apple Mac Silicon: Unpatchable Security Flaw Discovered

Researchers from six different universities found a security flaw in the Apple Mac silicon, creating an app called "GoFetch" that could successfully exploit the computers. The team detailed that the vulnerability centers on 'prefetchers' which is a memory-dependent hardware optimization process of the data running specific codes.

The DMP (Data Memory-dependent Prefetchers) load the content to the CPU cache before the computer needs it, reducing the latency between the CPU and main memory, which Ars Technica said to be a common bottleneck in modern computing.

A bug in the DMP is the main problem now, with the phenomenon present in the Apple M-series chips and Intel's 13th-gen Raptor Lake processors.

How This Mac M-series Vulnerability Works-Is It a Threat?

Through this, threat actors, and in this case, the researchers, were able to exploit the DMP bug which could manipulate the prefetcher to bring data stored in the chip to be mistaken for a memory address. Doing so repeatedly could cause an error, capable of decrypting a key.

According to the study, it has the potential to become a security threat, but risks are low. First off, users need to install a malicious app on their Macs, with the attack happening as quickly as 54 minutes to as much as 10 hours.

Apple was previously notified of this vulnerability but chose to not implement a fix as it significantly affects performance.

Apple's Mac M-series Chips

From the M1 down to the M3, Apple claimed that this chip is the most powerful and top processor ever for Mac computers, going as far as to boast of how it improved compared to Intel-powered Macs. Last year's M3 introduction also brought significant focus on Mac gaming, centering on this new era of Apple's dominance in designing chips that bring the latest for its computers.

However, M3's release last year immediately saw a vulnerability called the iLeakage exploit which targets various Apple devices, especially with the new MacBook Pro that was released.

Apple regarded that the M3 was the fastest, most secure, and top chip of the company now, but this latest discovery is presenting a significant flaw in the M-series design.

This new unpatchable security flaw found on the M-series chips is indeed concerning, especially as it affects the entire architecture from Apple and TSMC which may be a cause of future development of new threats. Users do have not much to worry about at this time as researchers claimed that installing malicious apps is how it starts, but it is best to remain vigilant from these possible threats on the M-series Macs.

ⓒ 2024 All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics