MIT researchers uncover ‘unpatchable’ flaw in Apple M1 chips

Mon, 27 Jun 2022 18:58:00 Daniel Sundermann

Apple’s M1 chips have an “unpatchable” hardware vulnerability that could allow attackers to break through their last line of security defenses, MIT researchers have discovered.

The vulnerability lies in a hardware-level security mechanism used in Apple M1 chips called pointer authentication codes, or PAC. This feature makes it much harder for an attacker to inject malicious code into a device’s memory and provides a level of defense against buffer overflow exploits, a type of attack that forces data to spill out of its buffer into other memory locations.

Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving a trace, and as it utilizes a hardware mechanism, no software patch can fix it.

More at https://techcrunch.com/2022/06/10/apple-m1-unpatchable-flaw/

About the author


Daniel Sundermann


I'm a long-time user and enthusiast of open source software and espouse the philosophy that software code should be open (readable), so that everyone can see what happens behind the scenes while we use our electronic devices every day.