Apple’s T2 chip in Mac has an unfixable security problem

Apple's latest MacBook Pro equipped with the T2 security chip.

Apple's latest MacBook Pro equipped with the T2 security chip.

(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)

Security researchers have exposed a vulnerability in Apple’s T2 security chip that can allow hackers to jailbreak a Mac, and let them gain full control of the system. It will also help them get into an iPhone paired with it to steal records.

The flaw that can impact the MacOS platform, especially the latest MacBook Air and MacBook Pro, is the one researchers have been using for over an year to jailbreak older models of the iPhone.

An attacker has to be physically present to access the device. But once they gain entry, they can install a remote system to access it virtually.

Checkra1n, a tech community providing high-quality tethered jailbreak, found that security of T2 chip can be compromised by running Checkm8 and Blackbird, jailbreak exploits for iOS devices.

Since both vulnerabilities were found in Read-Only-Memory part of the chip, which is flashed to the chip during production and cannot be altered later, Apple cannot patch them without rolling a completely new hardware.

The flaw is simply unfixable in any Mac equipped with the T2 security chip.

Once an attacker exploits the two vulnerabilities, they can gain full control over the system. They can access the entire processor, which can be used to install unauthorised software.

However, rebooting the T2 will likely get rid of this. Users can check Apple’s support page to get assistance on how to reboot the chip as simply rebooting the Mac does not help.

Rick Mark, a T2 specialist at T2Checkra1n, said his group had mailed Apple about the issue, but are yet to hear back from them. Mark has published a timeline blog about his findings on the vulnerability.

A Belgian security firm, IronPeak wrote in a blog that no recent macOS devices are any longer safe to use if left alone.

“The only thing they could do is recall affected product, but they don’t have items to replace them with,” Mark said. “Apple’s silence is going to reflect poorly.”

Our code of editorial values

This article is closed for comments.
Please Email the Editor

Printable version | Jun 15, 2022 3:23:31 pm |