Why the “PACMAN” exploit is demonstrated You ought to continuously refresh your Mac

All technologies carry the risk of bugs and security flaws, but Macs running Apple’s M1 chip Obviously, it’s vulnerable to a whole new category of threats. Security researchers at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) have discovered a hardware-based exploit called “PACMAN.” This could, in theory, allow someone to bypass the hardware-level security checks on your Mac device and deploy malicious code.

The PACMAN attack Dodge the pointer authorization code (PAC) of the Apple M1 CPU. This usually blocks unauthorized changes to your Mac’s operating system and other data. However, there must be existing bugs that attackers can use to skip the PAC, such as bugs that are patched with regular security updates. If users do not install these critical updates immediately, they may remain vulnerable to the PACMAN exploit.

Think of it this way. Mac PACs are usually like ghosts that interfere with PACMAN, but unpatched software bugs are like power pellets that PACMAN eats, making ghosts vulnerable to his chops. increase.

MIT researchers warned Apple of the risk, but the flaws exist at the hardware level and cannot be patched like firmware or software bugs. That sounds pretty bad, but it’s important to point out that the PACMAN attack is just a proof-of-concept attack created by MIT researchers for testing purposes. There is no evidence that similar attacks exist in the wild. In fact, Apple’s official position is that PACMAN “has no imminent risk” for the average user.
“Based on our analysis and the details shared by the researchers, we conclude that this issue does not pose an imminent risk to the user and is not sufficient to circumvent device protection alone. rice field.” As TechCrunch quoted, the company said..

Remember that the presence of PACMAN always installs macOS updates as soon as possible, even if PACMAN does not immediately break the security of your M1 Mac. I don’t know what new tricks hackers can do.The patched device.

[Bleeping Computer]

Why the “PACMAN” exploit is proven You should always update your Mac

Source link Why the “PACMAN” exploit is proven You should always update your Mac