Developer Hector Martin found a vulnerability in the Apple M1 processor that allows two applications, running under one operating system, to covertly exchange data with each other without using memory, files or any other normal operating system feature.
The specialist has named this vulnerability M1RACLES and, according to him, Apple intentionally violated the ARM specifications by removing one of the functions. The company probably believed that users of Apple’s proprietary operating system, computers, and laptops would not need this option.
- ‘Strong Evidence’: Low on This Vitamin Can Cut Several Years Off Life
- Goodbye to Gym? This Pill Mimics the Benefits of Exercise – Says New Study
- Are Vitamin D Supplements a Placebo? Study Suggests Limited Benefits for Common Health Issues
- Expert Reveals ‘a Real Surprise Drink’ that You Thought ‘HEALTHY’ May Be Making Your Skin Older
- Say Goodbye to Bariatric Surgery and Dieting: New Study Reveals an Alternative Solution to Obesity That Actually Works
Hector Martin has alerted Apple users through his website, where he explains that this vulnerability allows two applications to exchange data with each other and that this process takes place at different users with different privileges.
During the data exchange, the programs create a secret channel.
According to the specialist, this vulnerability cannot be fixed through an update, since it is caused by the hardware. However, he noted that this vulnerability is unlikely to be used for a large-scale attack.
Apple’s first devices with the M1 processor, which replaced Intel processors, were introduced in November when the company introduced the Mac mini computer and the MacBook Pro and MacBook Air notebooks.
Image Credit: iStock