IT House News on June 11, Massachusetts Institute of Technology Security researchers used the PACMAN M1 chip attack and successfully defeated the "last security line" called Apple Silicon.
According to 9TO5MAC, when designing the M1 chip, Apple created different security layers, and each layer aims to prevent the attacker from successfully penetrating the previous layer. The last layer of M1 is the security function called PAC, which can help protect the CPU attack on attackers who have obtained memory access rights.
However, a team from MIT (MIT) successfully defeated PAC through the hardware they called Pacman. This result comes from researchers from computer science and artificial intelligence laboratories (CSAIL).
CSAIL found that the PAC security function can be cracked through the hardware attack it developed, and PACMAN can find the correct value to successfully pass the PAC pointer authentication. And because its Pacman attack involves hardware equipment, the software patch cannot solve the problem.
The team said that the vulnerability also existed in other ARM chips, not just M1, but it has no chance to try M2.
At present, the research team has informed Apple this issue and will disclose more details at the International Symposium on Computer Architecture on June 18. Apple has not commented on this.
IT House learned that Pacman is the third vulnerability found in the M1 chip. In May last year, the security researcher Hector Martin discovered a vulnerability called M1racles, which allowed two applications to secretly exchange data.
Last month, a team of multiple universities discovered a vulnerability called Augury, which can cause chip leak static data, but no feasible vulnerability use method has not yet been displayed.