Security Researchers Discover Chip-Level Exploit in Apple Silicon Mac’s M-series chips

Security Researchers Discover Chip-Level Exploit in Apple Silicon Mac's M-series chips

Key Points:

  • University security researchers uncover a chip-level exploit in Apple Silicon Macs called GoFetch, raising concerns about their security.
  • The exploit targets Data Memory-Dependent Prefetchers (DMPs) within M-series chips, allowing hackers to bypass encryption and access Mac’s security keys.
  • Users can feel reassurance, as exploiting this vulnerability would require circumventing Apple’s Gatekeeper protections and installing a malicious app.
  • Apple may face limitations in addressing this issue with software updates without compromising the performance of Apple Silicon.

A team of university security researchers has uncovered a chip-level exploit in Apple Silicon Macs, raising concerns about their security. The exploit, GoFetch, targets a component called Data Memory-Dependent Prefetchers (DMPs) within Apple’s M-series chips, allowing hackers to bypass encryption and access the Mac’s security keys.

The flaw in the DMPs, designed to improve processor efficiency by caching data, enables attackers to trick the system into dereferencing data that resembles a pointer, thereby putting significant amounts of program data at risk. This discovery sheds light on the vulnerability of Apple Silicon Macs despite their reputation for high performance and security.

The researchers’ findings highlight the severity of the security threat posed by DMPs and demonstrate the first end-to-end attacks on security-critical software using Apple’s M-series DMP. They emphasize that the exploit could compromise Mac users’ data privacy and security.

However, users can feel some reassurance, as exploiting this vulnerability would require circumventing Apple’s Gatekeeper protections, installing a malicious app, and letting the software run for up to 10 hours under specific conditions. This significantly reduces the likelihood of the exploit being used in real-world scenarios.

It’s important to note that Apple may face limitations in addressing this issue with software updates without compromising the performance of Apple Silicon. Additionally, users are encouraged to keep Gatekeeper enabled, as it restricts app installations to those from the Mac App Store and registered Apple developers, reducing the risk of installing malicious software.

While the discovery of the chip-level exploit in Apple Silicon Macs raises concerns about security vulnerabilities, existing security measures such as Gatekeeper mitigate the likelihood of exploitation. Nonetheless, continued vigilance and adherence to best security practices remain essential to safeguarding personal data on M-series Macs.

EDITORIAL TEAM
EDITORIAL TEAM
TechGolly editorial team led by Al Mahmud Al Mamun. He worked as an Editor-in-Chief at a world-leading professional research Magazine. Rasel Hossain and Enamul Kabir are supporting as Managing Editor. Our team is intercorporate with technologists, researchers, and technology writers. We have substantial knowledge and background in Information Technology (IT), Artificial Intelligence (AI), and Embedded Technology.

Read More

We are highly passionate and dedicated to delivering our readers the latest information and insights into technology innovation and trends. Our mission is to help understand industry professionals and enthusiasts about the complexities of technology and the latest advancements.

Follow Us

Advertise Here...

Build brand awareness across our network!