Skip to main content

This ‘unpatchable’ Mac flaw is keeping me up at night

Apple MacBook Pro 16 downward view showing keyboard and speaker.
Mark Coppock / Digital Trends

Apple prides itself on the security of its devices, but that doesn’t mean they’re immune to malicious attacks. That point has just been proven by researchers who say they’ve discovered a major new vulnerability in any Mac that runs on an Apple silicon chip, according to a report from Ars Technica. Worst of all, it looks like the problem is completely unpatchable.

So, what’s the flaw? According to the researchers, it all comes down to components called data memory-dependent prefetchers (DMPs). Essentially, these predict what data is going to be needed next and preemptively retrieve it. The idea is that this saves on computing resources, but they leave a potential window open to attack.

If that opportunity is exploited, and attacker could steal a Mac’s encryption keys, even when they’re protected by cryptographic apps designed to keep them safe. That could potentially give a malicious actor wide-ranging access to what’s stored on your Mac.

But unlike most modern vulnerabilities, the researchers say this one cannot be patched because it is inherent to the “microarchitectural” design of Apple silicon chips. There are steps that can be taken to mitigate it, but they might have a serious impact on the performance of the affected chips.

A hacker typing on an Apple MacBook laptop, which shows code on its screen.
Sora Shimazaki / Pexels

This is an issue affecting Apple silicon chips and, unfortunately, it seems that that means every Apple silicon chip generation. So, it’s not something you can avoid if you have the latest M3 MacBook Pro, for example.

The researchers dubbed the exploit GoFetch, and it’s not known if it has been used in the wild yet. Using the attack, the team was apparently able to extract a 2048-bit RSA key in under an hour, which is pretty fast.

According to the researchers, they first brought the flaw to Apple’s attention on December 5, 2023, and waited 107 days before making it public.

The only bright side is that this attack is unlikely to be used on regular Apple users. But that’s not much comfort when we know there’s very little Apple can do to banish the issue once and for all. We’ll have to see what — if anything — Apple is able to do to fix it and keep your Mac safe.

Editors' Recommendations

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Mac Pro 2023: performance, a familiar design, new displays, and more
apple mac pro made in austin tx usa 2019

The Mac Pro is Apple’s most powerful Mac. Or at least, that’s the intention. But since its release in 2019, Apple has gone on to release new MacBooks with powerful M1 Max chips that are banging on the $6,000 Mac Pro’s door. That means an update is in order.

Luckily, rumors and leaks indicate a new Mac Pro should be launching at some point in 2023. If you’re wondering what it might look like and how powerful it could be, you’re in the right place, as we’ve gathered all the Mac Pro news we can find into one place. To see what’s on the horizon for Apple’s flagship desktop dominator, read on.
Price and release date

Read more
Apple confirms a new Mac Pro is coming — but when will it launch?
Tim Cook presenting the Mac Pro on stage at WWDC in 2019.

It’s been a long wait for Apple to launch a new Mac Pro powered by an Apple silicon chip, but Apple is still committed to making it a reality. That’s according to a senior Apple executive, who confirmed the news in an interview with India Today.

The statement from Bob Borchers, Apple’s Vice President of Worldwide Product Marketing, is the first time Apple has given any official word on the upcoming Mac Pro since the company’s hardware exec John Ternus said in March 2022 that it was “for another day".

Read more
Apple just made a huge move to power up your next MacBook
The screen of the MacBook Air M2.

Your next iPhone or Mac could have a major advantage over rival devices, with performance and efficiency that nothing else can match, if a new report is to be believed. It claims Apple has gobbled up the entire supply of a new breed of superefficient chips.

Those chips are manufactured by a company called TSMC that has made Apple’s powerful mobile and computer chips for years. If correct, the report from DigiTimes (via MacRumors) implies Apple’s competitors -- whether they’re making Windows PCs or Android smartphones -- will have to wait their turn while Apple has its fun with the brand-new 3-nanometer chips.

Read more