First Apple M5 memory exploit discovered using Anthropic AI, gives root access on MacOS

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨Lemmynated@lemmy.zip⁩ to ⁨technology@lemmy.zip⁩

https://www.tomshardware.com/tech-industry/cyber-security/apple-m5-architecture-suffers-first-privilege-escalation-exploit-anthropics-claude-mythos-helps-researchers-bypass-memory-integrity-enforcement

source

Comments

Sort:hotnew top

RegularJoe@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

There aren’t many technical details, but the vulnerability is simple in practice: run a command as a standard user and gain root (administrator) access to the machine. Macs are rarely servers, so the practical impact is limited. However, the exploit remains concerning, as it’s relatively easy to trick a user into running it and, with full system control, also hard to find and remove.

“the practical impact is limited.” but if it’s your Mac…

source
- artyom@piefed.social ⁨3⁩ ⁨weeks⁩ ago
  
  trick a user into running
  
  That doesn’t sound like an exploit at all. You can “trick a user” into running sudo rm -rf as well. That’s not an exploit.
  
  source
  - kungen@feddit.nu ⁨3⁩ ⁨weeks⁩ ago
    If you can get root as a standard user, without providing your password, it is indeed an exploit.
    
    source
    -> View More Comments
one_old_coder@piefed.social ⁨3⁩ ⁨weeks⁩ ago

the vulnerability is simple in practice: run a command

lol no

source
pageflight@piefed.social ⁨3⁩ ⁨weeks⁩ ago
The article didn’t say; has someone (Apple) verified the exploit? The “aren’t many details” caveat puts me on the lookout for hallucinated exploits.

source
Ashrakal@lemmy.ml ⁨3⁩ ⁨weeks⁩ ago
One thing I’m curious about is if the vulnerability also affects prior chips (M1-M4), or if it’s an exclusive to the new M5 with split CPU & GPU.

Besides that, I hope they patch it without compromises to performance.

source