Skip to main content

This ‘unpatchable’ Mac flaw is keeping me up at night

Apple MacBook Pro 16 downward view showing keyboard and speaker.
Mark Coppock / Digital Trends

Apple prides itself on the security of its devices, but that doesn’t mean they’re immune to malicious attacks. That point has just been proven by researchers who say they’ve discovered a major new vulnerability in any Mac that runs on an Apple silicon chip, according to a report from Ars Technica. Worst of all, it looks like the problem is completely unpatchable.

So, what’s the flaw? According to the researchers, it all comes down to components called data memory-dependent prefetchers (DMPs). Essentially, these predict what data is going to be needed next and preemptively retrieve it. The idea is that this saves on computing resources, but they leave a potential window open to attack.

Recommended Videos

If that opportunity is exploited, and attacker could steal a Mac’s encryption keys, even when they’re protected by cryptographic apps designed to keep them safe. That could potentially give a malicious actor wide-ranging access to what’s stored on your Mac.

Please enable Javascript to view this content

But unlike most modern vulnerabilities, the researchers say this one cannot be patched because it is inherent to the “microarchitectural” design of Apple silicon chips. There are steps that can be taken to mitigate it, but they might have a serious impact on the performance of the affected chips.

A hacker typing on an Apple MacBook laptop, which shows code on its screen.
Sora Shimazaki / Pexels

This is an issue affecting Apple silicon chips and, unfortunately, it seems that that means every Apple silicon chip generation. So, it’s not something you can avoid if you have the latest M3 MacBook Pro, for example.

The researchers dubbed the exploit GoFetch, and it’s not known if it has been used in the wild yet. Using the attack, the team was apparently able to extract a 2048-bit RSA key in under an hour, which is pretty fast.

According to the researchers, they first brought the flaw to Apple’s attention on December 5, 2023, and waited 107 days before making it public.

The only bright side is that this attack is unlikely to be used on regular Apple users. But that’s not much comfort when we know there’s very little Apple can do to banish the issue once and for all. We’ll have to see what — if anything — Apple is able to do to fix it and keep your Mac safe.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Intel chips held back the 15-inch MacBook Air, Apple says
Apple's 15-inch MacBook Air placed on a desk.

Apple’s 15-inch MacBook Air is a surprisingly good laptop, and its positive reception might make you wonder why Apple didn’t launch it sooner. Well, we just got the answer from Apple itself, and it turns out the fault apparently lies with Intel.

That interesting tidbit was revealed by Laura Metz, Director of Product Marketing at Apple, and Thomas Tan from Apple’s enterprise product marketing team. Speaking to Inc, the pair explained that Apple silicon was the driving force in creating the 15-inch MacBook Air.

Read more
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more
M4 Mac Pro: everything we know so far
apple mac pro made in austin tx usa 2019

The Mac Pro is Apple’s most powerful Mac. Or at least, that’s the intention. But since its release in 2019, Apple has gone on to launch both the Mac Studio and new MacBooks with powerful chips that are banging on the $7,000 Mac Pro’s door. That means an update is in order.

Luckily, rumors and leaks indicate that a new Mac Pro should be launching at some point in 2025. If you’re wondering what it might look like and how powerful it could be, you’re in the right place, as we’ve gathered all the Mac Pro news we can find into one place. To see what’s on the horizon for Apple’s flagship desktop dominator, read on.
Price and release date

Read more