Developer Hector Martin found a vulnerability in the Apple M1 processor that allows two applications, running under one operating system, to covertly exchange data with each other without using memory, files or any other normal operating system feature.
The specialist has named this vulnerability M1RACLES and, according to him, Apple intentionally violated the ARM specifications by removing one of the functions. The company probably believed that users of Apple’s proprietary operating system, computers, and laptops would not need this option.
- Jack Dorsey – CEO of Twitter warns: ‘Hyperinflation is going to change everything’ and ‘It’s happening’
- In the US, a student party ended in a fatal shooting
- One of the US prisons has the largest COVID outbreak
- A cargo ship is on fire on the border between Canada and the United States
- A quarter of COVID patients get mental disabilities – scientists
Hector Martin has alerted Apple users through his website, where he explains that this vulnerability allows two applications to exchange data with each other and that this process takes place at different users with different privileges.
During the data exchange, the programs create a secret channel.
According to the specialist, this vulnerability cannot be fixed through an update, since it is caused by the hardware. However, he noted that this vulnerability is unlikely to be used for a large-scale attack.
Apple’s first devices with the M1 processor, which replaced Intel processors, were introduced in November when the company introduced the Mac mini computer and the MacBook Pro and MacBook Air notebooks.
Image Credit: iStock