Skip to main content
  1. Home
  2. Computing
  3. News

This ‘unpatchable’ Mac flaw is keeping me up at night

Alex Blake
By
Apple MacBook Pro 16 downward view showing keyboard and speaker.
Mark Coppock / Digital Trends

Apple prides itself on the security of its devices, but that doesn’t mean they’re immune to malicious attacks. That point has just been proven by researchers who say they’ve discovered a major new vulnerability in any Mac that runs on an Apple silicon chip, according to a report from Ars Technica. Worst of all, it looks like the problem is completely unpatchable.

So, what’s the flaw? According to the researchers, it all comes down to components called data memory-dependent prefetchers (DMPs). Essentially, these predict what data is going to be needed next and preemptively retrieve it. The idea is that this saves on computing resources, but they leave a potential window open to attack.

Recommended Videos

If that opportunity is exploited, and attacker could steal a Mac’s encryption keys, even when they’re protected by cryptographic apps designed to keep them safe. That could potentially give a malicious actor wide-ranging access to what’s stored on your Mac.

Related

But unlike most modern vulnerabilities, the researchers say this one cannot be patched because it is inherent to the “microarchitectural” design of Apple silicon chips. There are steps that can be taken to mitigate it, but they might have a serious impact on the performance of the affected chips.

A hacker typing on an Apple MacBook laptop, which shows code on its screen.
Sora Shimazaki / Pexels

This is an issue affecting Apple silicon chips and, unfortunately, it seems that that means every Apple silicon chip generation. So, it’s not something you can avoid if you have the latest M3 MacBook Pro, for example.

The researchers dubbed the exploit GoFetch, and it’s not known if it has been used in the wild yet. Using the attack, the team was apparently able to extract a 2048-bit RSA key in under an hour, which is pretty fast.

According to the researchers, they first brought the flaw to Apple’s attention on December 5, 2023, and waited 107 days before making it public.

The only bright side is that this attack is unlikely to be used on regular Apple users. But that’s not much comfort when we know there’s very little Apple can do to banish the issue once and for all. We’ll have to see what — if anything — Apple is able to do to fix it and keep your Mac safe.

Editors' Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more
Mac Pro 2023: performance, a familiar design, new displays, and more
apple mac pro made in austin tx usa 2019

The Mac Pro is Apple’s most powerful Mac. Or at least, that’s the intention. But since its release in 2019, Apple has gone on to release new MacBooks with powerful M1 Max chips that are banging on the $6,000 Mac Pro’s door. That means an update is in order.

Luckily, rumors and leaks indicate a new Mac Pro should be launching at some point in 2023. If you’re wondering what it might look like and how powerful it could be, you’re in the right place, as we’ve gathered all the Mac Pro news we can find into one place. To see what’s on the horizon for Apple’s flagship desktop dominator, read on.
Price and release date

Read more
Apple confirms a new Mac Pro is coming — but when will it launch?
Tim Cook presenting the Mac Pro on stage at WWDC in 2019.

It’s been a long wait for Apple to launch a new Mac Pro powered by an Apple silicon chip, but Apple is still committed to making it a reality. That’s according to a senior Apple executive, who confirmed the news in an interview with India Today.

The statement from Bob Borchers, Apple’s Vice President of Worldwide Product Marketing, is the first time Apple has given any official word on the upcoming Mac Pro since the company’s hardware exec John Ternus said in March 2022 that it was “for another day".

Read more