A number of newer Apple devices are carrying a unique flaw, eerily reminiscent of Spectre/Meltdown (opens in new tab), that could allow threat actors to steal sensitive data, experts have warned.
A team of researchers from the University of Illinois Urbana-Champaign, Tel Aviv University, and the University of Washington, have discovered a flaw in a feature unique to Apple silicon, called Data Memory-Dependent Prefetcher (DMP).
The flaw possibly affects a whole host of Apple silicon, including its own in-house M1 and M1 Max chips, the team has warned.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
Not to worry
The idea behind DMP is to boost system performance by pre-fetching data, even before it’s needed - data that’s essentially at rest. Usually, due to security reasons, data would be limited and split between various compartments, and only pulled out when needed.
With DMP, data gets fetched in advance, and it’s this data that can be accessed by unauthorized third parties, similar to the Spectre/Meltdown flaw. With the latter, however, the silicon would try to speculate which data could be used in the near future, somewhat limiting the attack surface. With Apple’s DMP, the entire contents of the memory could be leaked.
The researchers named the flaw “Augury”. So far, Apple’s A14 System on Chip (SoC), found in 4th Gen iPad Air and 12th Gen iPhone devices, M1, and M1 Max were all found to be vulnerable. While they’re suspecting older silicon (M1 Pro, and M1 Ultra, for example) might also be vulnerable to Augury, they’ve yet only managed to showcase the flaw on these endpoints (opens in new tab).
> Spectre returns - Intel and ARM-based CPUs hit by serious vulnerability (opens in new tab)
> AMD forced to fix Spectre patch after Intel reveals flaws (opens in new tab)
> Intel Tiger Lake processors will thwart future Spectre and Meltdown attacks (opens in new tab)
Apple is allegedly “fully aware” of the discoveries, which it has reportedly discussed with the researchers, but is yet to share any mitigations plans and patch timelines.
TechRadar Pro has reached out to Apple for comment.
Right now, there’s only so much to be worried about, the researchers are saying, as they haven’t demonstrated any end-to-end exploits with Augury techniques, yet. So, no malware (opens in new tab) - at least not right now.
“Currently, only pointers can be leaked, and likely only in the sandbox threat model,” they say. “If you are counting on ASLR in a sandbox, I’d be worried. Otherwise, be worried when the next round of attacks using Augury come out.”
- System flaws are often used to deploy malware. Protect your premises with the best solutions on the market (opens in new tab)
Via: Tom's Hardware (opens in new tab)