Unpatchable Security Flaw On Apple’s: M1 Chips Leaves its Last level of defense Vulnerable!

Apple’s Arm-based M1 silicon vulnerability allows threat actors capability to gain arbitrary code execution on macOS systems. This was recently discovered by researchers at MIT’s Computer Science & Artificial Intelligence Laboratory.

It correlates to the hardware-level pointer authentication codes (PAC), which Apple uses to ensure programs attempting to execute code are safe.

Is it game over for M1-based MacBook owners, though?

Not necessarily… just yet. There are reports that physical access to a machine is needed, though a remote attack is possible as well.

While this type of attack would lead to a kernel panic, crashing the entire system, PACMAN ensures that no system crashes occur and leaves no traces in logs. Threat actors first need to find a memory bug affecting software on the targeted Mac that would be blocked by PAC and that can be escalated into a more severe security issue after bypassing PAC defenses. Reference

You can find more technical details about this novel hardware attack on the dedicated site and in the “PACMAN: Attacking ARM Pointer Authentication with Speculative Execution” paper [PDF] that will be presented at the International Symposium on Computer Architecture on June 18.

Nevertheless, the researchers say their findings have important implications for designers considering implementing Pointer Authentication in future products.

Emmanuel Motelin https://motelin.org/biography

Emmanuel Motelin is an established music artist who has composed over 150+ original scores, defining his career through a relentless pursuit of excellence across diverse domains as a cybersecurity professional specializing in External Attack Surface Management (EASM). A proud Kenyan-Canadian (Albertan-Raised), also known by his full name Mr. Emmanuel Kimutai Motelin from the Kalenjin indigenous heritage, he shares data-driven perspectives from his polymathic personality.

You May Also Like

More From Author