Apple’s M1 chip has an ‘unfixable’ flaw, but you probably shouldn’t worry

Apple has responded to reports of an “unpatched” vulnerability in the M1 processors that power the company’s recent MacBook and Mac laptops.

Researchers at the Massachusetts Institute of Technology (MIT) say the “last line of security” in Apple Silicon hardware can be circumvented.

Scientists at MIT’s Computer Science and Artificial Intelligence Laboratory have discovered a vulnerability in hardware-level pointer authentication codes (PACs), which Apple uses to ensure the security of programs that attempt to execute code.

The nerds at MIT have found a way around this with a device that continually guesses the PAC, until it finds the correct key. They call it a “PACMAN” attack.

In the research paper published this week: “The idea behind pointer authentication is that if all else has failed, you can still count on it to prevent attackers from taking over your system. We have shown that pointer authentication as a last line of defense is not as absolute as we once thought,” said the paper’s co-senior author, PhD student Joseph Ravichandran.

“When pointer authentication was introduced, a whole category of bugs suddenly became much more difficult to use for attacks. With PACMAN making these bugs more serious, the overall attack surface could be much larger,” he added.

The researchers say there is “no immediate warning” because there must be a myriad of other breaches for this “last line of defense” to be breached. The researchers presented their findings to Apple, which responded with a statement to TechCrunch.

An Apple spokesperson said: “We would like to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques. Based on our analysis, as well as details shared with us by researchers, we have concluded that this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own.

Apple’s M1 chip has an ‘irreparable’ flaw, but you probably shouldn’t worry, it was first featured on ComoHow.

Share this:

  • Click to share on Twitter (Opens in a new window)
  • Click to share on Facebook (Opens in a new window)
  • Plus
  • Click to share on LinkedIn (Opens in a new window)
  • Click to share on WhatsApp (Opens in a new window)