This flaw allows two malicious apps on a machine utilizing an M1 chip to set up a covert communications channel and communicate with each other.

As bad as it sounds, the significant silver lining in the equation is that unless your machine has been compromised by two separate forms of malware by other means, the exploit is completely useless.

Although harmless on its own, the exploit is still a big deal. It is especially important to Apple engineers, who said outright that the concept of covert communications on any level is a violation of the company's OS security model. Unfortunately, even given that, the company has not come right out and said whether a redesign of the M1 is in the works, or when that process might be completed.

In any case, if your M1-based machine has been infected by two different pieces of malware, you've got bigger problems than worrying about whether or not they're communicating with each other. So this flaw is almost certainly not reason enough, on its own, to prompt potential buyers to steer clear of the M1.

It is something of a black eye to Apple though. All through its development cycle, the company claimed that when released, the M1 would be the most advanced and secure chip on the market. A flaw like this that's baked into the silicone itself is an undeniably clear refutation of those claims. In light of that, it's almost certain that one way or another, the company will address the issue, even if they haven't yet released a timetable for doing so.

Used with permission from Article Aggregator