Developer Hector Martin found a vulnerability in the Apple M1 processor that allows two applications, running under one operating system, to covertly exchange data with each other without using memory, files or any other normal operating system feature.
The specialist has named this vulnerability M1RACLES and, according to him, Apple intentionally violated the ARM specifications by removing one of the functions. The company probably believed that users of Apple’s proprietary operating system, computers, and laptops would not need this option.
- Three hot beverages that reduce the risk of cancer and heart diseases named
- A new method of protection against COVID revealed
- A man chases his stolen Lamborghini on a ‘scooter’
- Scientists find out who is at higher risk of re-infection with COVID
- Dangerous beauty: scientists find toxic substances in cosmetics
Hector Martin has alerted Apple users through his website, where he explains that this vulnerability allows two applications to exchange data with each other and that this process takes place at different users with different privileges.
During the data exchange, the programs create a secret channel.
According to the specialist, this vulnerability cannot be fixed through an update, since it is caused by the hardware. However, he noted that this vulnerability is unlikely to be used for a large-scale attack.
Apple’s first devices with the M1 processor, which replaced Intel processors, were introduced in November when the company introduced the Mac mini computer and the MacBook Pro and MacBook Air notebooks.
Image Credit: iStock