MIT researchers have discovered an exploit in Apple's M1 chips, that can potentially never be fixed.
This is because the exploit originates in a hardware-level security mechanism called pointer authentication codes or PAC.
This mechanism prevents an attacker from running malicious code from the device's memory and guards against buffer overflow exploits, which is a form of attack that can cause memory to leak into other locations of the chip.
MIT's researchers from Computer Science and Artificial Intelligence Laboratory, have unearthed a flaw with the mechanism. This flaw allowed the researchers to run a hardware-level attack, that isn't caught by the security mechanism.
Also Read: Apple CEO Tim Cook on work-from-home and virtual interactions
The attack called Pacman guesses PAC codes and fools the system into thinking it has not been maliciously altered. Since this is a hardware-level attack, it cannot be fixed by software patches and could remain unfixed.
“The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system,” said Joseph Ravichandran, a PhD student at MIT CSAIL, in an interview with Techcrunch.
Also Read: Apple could launch 15-inch MacBook Air, 14-inch iPad Pro by 2023: Report
“We’ve shown that pointer authentication as a last line of defense isn’t as absolute as we once thought it was,” Ravichandran added.
It's worth noting that Apple has PAC enabled on all its M1 chips so far, and Samsung along with Qualcomm, are expected to introduce new chips in the market with PAC.
MIT said that it has not tested the exploit on Apple's M2 chip, which also has PAC enabled.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
