Apple's macOS devices that have both an Intel processor and a T2 security chip have a vulnerability that cannot be fixed - at least that's what a security researcher claims.
The so-called T2 security chip, which is used in newer Mac devices, is an Apple Silicon-based co-processor that handles boot and security operations along with disparate functions such as audio processing. Niels H., an independent security researcher, points out that the T2 chip has a serious flaw that cannot be fixed. Since the T2 security chip is based on Apple's A10 processor, it is vulnerable to the same checkm8 vulnerability as iOS-based devices. This could allow attackers to bypass the activation lock and carry out other malicious attacks. Normally, the T2 chip will immediately lock when it detects a decryption call in DFU mode. However, the vulnerability can be paired with another vulnerability developed by Pangu that can be used to bypass the DFU security mechanism when exiting DFU. Once an attacker gains access to the T2 chip, they have full root access and kernel execution privileges.
T2 chip: Apple cannot fix vulnerability
Although an attacker cannot decrypt files protected by FileVault encryption this way, they can inject a keylogger and steal passwords, as the T2 chip manages keyboard access. The vulnerability could also allow manual bypass of security locks through MDM or Find My, as well as the built-in Activation Lock security mechanism. Even a firmware password does not mitigate the problem, as it requires keyboard access. Apple itself also cannot fix the vulnerability without a hardware revision, as the operating system underlying the T2 (SepOS) uses read-only memory for security reasons. On the other hand, this also means that the vulnerability is not persistent – it requires a hardware component, e.g. a malicious USB-C cable made specifically for this purpose. The security researcher explained that he has already contacted Apple about this but has not yet received a response.
For reference, the following Mac devices have the Apple T2 security chip:
- iMac from 2020
- iMac Pro
- Mac Pro from 2019
- Mac mini from 2018
- MacBook Air from 2018 or newer
- MacBook Pro from 2018 or newer
T2 chip exploit: Am I in danger and can I protect myself?
Now some Mac users are asking the legitimate question of whether and how they can protect themselves from the vulnerability. According to Niels H., the security hole affects all Mac products with a T2 chip and an Intel processor. Since Apple silicon-based devices use a different boot system, it is not clear whether they are also affected - that remains to be seen. Due to the nature of the security hole and the associated exploits, physical access is required to carry out attacks. Average users should therefore not be in immediate danger. However, the use of USB-C devices whose origin is unknown should be avoided.