78 meneos
255 clics
M1RACLES: vulnerabilidad en el chip M1 de Apple (ING)
Un fallo de diseño en el chip M1 de Apple Silicon permite a dos aplicaciones cualquiera intercambiar datos entre ellas sin utilizar el sistema operativo. Esto es posible entre procesos de diferentes usuarios y con distintos privilegios, lo cual permite la creación de un canal para transferir datos de forma subrepticia. Esta vulnerabilidad no se puede solucionar sin modificar el diseño del chip.
|
comentarios cerrados
So what's the point of this website?
Poking fun at how ridiculous infosec clickbait vulnerability reporting has become lately. Just because it has a flashy website or it makes the news doesn't mean you need to care.
If you've read all the way to here, congratulations! You're one of the rare people who doesn't just retweet based on the page title :-)
Can malware use this vulnerability to take over my computer?
No.
Can malware use this vulnerability to steal my private information?
No.
Can malware use this vulnerability to rickroll me?
Yes. I mean, it could also rickroll you without using it.
Can this be exploited from Javascript on a website?
No.
Can this be exploited from Java apps?
Wait, people still use Java?
Can this be exploited from Flash applets?
Please stop.
Can I catch BadBIOS from this vulnerability?
No.
Chances are it could communicate in plenty of expected ways anyway."