- About Us
We 365 Admin Support, just simplify your IT problems
Call for a free support. +91 96666 59505Platform Partnership
HIGHLIGHTS
A recent report has emerged, indicating that several of Apple’s latest processors are vulnerable to cyberattacks, which could expose data on devices such as iPhones, iPads, and Macs. Security researchers from renowned institutions—Georgia Institute of Technology and Ruhr University Bochum—have identified these critical vulnerabilities. Dubbed FLOP and SLAP, these issues relate to flaws in speculative execution, a technique also implicated in notable vulnerabilities such as the Spectre and Meltdown attacks.
The researchers shed light on how Apple’s processors, particularly the M2 and A15 chips, operate by predicting the memory addresses that will be accessed next. Additionally, the newer M3 and A17 chips also attempt to forecast the data values expected to be retrieved from memory. However, these predictions aren’t foolproof; incorrect assumptions can lead to unintended computations resulting in compromised data.
The ramifications of such computational errors are alarming. If exploited, these vulnerabilities could allow attackers to bypass web browser security measures, potentially leading to unauthorized access to personal information stored in browsers like Safari and Chrome. Once compromised, hackers could execute commands remotely via a web browser through malicious scripts such as JavaScript or WebAssembly code.
Moreover, the researchers disclosed the details of SLAP to Apple on March 24, 2024, followed by FLOP on September 3, 2024. In response, Apple has acknowledged these vulnerabilities with the following statement:
“We wish to express our gratitude to the researchers for their collaboration, as this proof of concept enhances our understanding of these types of threats. After thorough analysis, we do not believe this issue poses an immediate risk to our users.”
For those concerned about potential cyber threats and the safety of their data, a temporary solution would be to disable JavaScript in both Safari and Chrome until Apple introduces the necessary security updates. However, it’s essential to note that this workaround could disrupt the functionality of many websites. The significance of the FLOP and SLAP vulnerabilities cannot be overlooked, as they exploit modern hardware characteristics and can be executed remotely, positioning them as substantial security threats in today’s digital landscape.
Also Watch
This revision maintains the critical information about the vulnerabilities while enhancing clarity and context within the HTML structure.
