Developer Hector Martin said the M1 processor chip Apple provides on the new iPad Pro and the latest MacBook Air, MacBook Pro , Mac mini and iMac has a security hole.
According to Engadget , the vulnerability exists at the hardware level of the M1 and cannot be fixed. Apple appears to have violated a specification requirement of the Arm architecture, which means there is no easy way to mitigate it. Essentially, this vulnerability allows two applications to secretly exchange data without using normal operating system features.The vulnerability doesn’t pose any serious risk, at worst it would allow advertisers to use for cross-app tracking. Martin says it cannot be used by bad actors to take over devices or steal users’ personal information.
According to Martin, the vulnerability affects not only all devices using the M1 chip but also the iPhone 12 series with the A14 Bionic chip because it is based on a microarchitecture like the M1.The only fix available is to run the entire operating system as a virtual machine (VM), but that would be too careful and waste resources unnecessarily. This vulnerability is also said to affect the next generation of the M1 chip, but will likely be fixed later.This implies that the M1X chip that is supposed to power the next MacBook Pro will also be vulnerable. Apple also admitted to being aware of this vulnerability.
