Photo: Tada Images (Shutterstock)
Every piece of tech carries the risk of bugs and security flaws, but Macs running Apple’s M1 chips are apparently vulnerable to an all-new category of threat. Security researchers at MIT’s Computer Science & Artificial Intelligence Laboratory (CSAIL) have discovered a hardware-based exploit—dubbed “PACMAN”—that could theoretically allow someone to bypass a Mac device’s hardware-level security checks and deploy malicious code.
The PACMAN attack dodges the Apple M1 CPU’s Pointer Authentication Code (PAC), which normally blocks unauthorized changes to a Mac’s operating system or other data. However, there must be a pre-existing bug the attacker can use to skip the PAC—such as the bugs that are patched with routine security updates. Hypothetically, if a user did not immediately install those important updates, it could leave them vulnerable to the PACMAN exploit.
Think of it this way: Your Mac’s PAC is like a ghost that normally thwarts PACMAN, but unpatched software bugs are like the power pellets PACMAN eats that make your ghost vulnerable to his chomps.
The MIT researchers alerted Apple to the risk, but since the flaw exists at the hardware level, it can’t be patched out like firmware or software bugs. While that sounds pretty bad, it’s important to point out the PACMAN attack is only a proof-of-concept attack created by the MIT researchers for testing purposes. There is no evidence of a similar attack existing in the wild. In fact, Apple’s official stance is that PACMAN poses “no immediate risk” to average users.
“Based on our analysis, as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass device protections on its own,” the company stated, as quoted by TechCrunch.
Even if PACMAN won’t chomp through your M1 Mac’s security any time soon, its existence is a good reminder to always install macOS updates as soon as possible—you never know what sort of new tricks a hacker will be able to pull on an unpatched device.
[Bleeping Computer]