Alarm Bells Ring as New Apple CPU Vulnerabilities Expose Browser Data!

2025-01-28

Author: Rajesh

A group of security researchers has uncovered alarming side-channel vulnerabilities in Apple’s latest processors, posing significant risks of sensitive data theft from web browsers. This discovery could change the landscape of cybersecurity for Apple users globally.

The research team from the Georgia Institute of Technology and Ruhr University Bochum shed light on these critical vulnerabilities in separate papers titled FLOP and SLAP, presented in October 2023. These vulnerabilities stem from flawed speculative execution practices, reminiscent of earlier high-profile attacks known as Spectre and Meltdown.

What You Need to Know about FLOP and SLAP Attacks!

The FLOP and SLAP attacks exploit features of Apple’s processors that enhance processing speed by making predictions about future instructions, which can leave unwanted data traces in memory. According to the researchers, beginning with the M2/A15 generation, Apple’s CPUs try to predict the next memory address to be accessed, and with the M3/A17 generation they also predict the actual data values that memory will return.

The downside? Mispredictions can cause the CPU to perform arbitrary computations on out-of-bounds or incorrect data values, leading to severe security breaches. These mispredictions give attackers a way to bypass web browser sandboxes and gain unauthorized access to personally identifiable information within popular browsers like Safari and Chrome.

How the Attacks Work

So how do these vulnerabilities work? The attacks can be executed remotely: the victim only has to visit a malicious website that uses JavaScript or WebAssembly to trigger them.

The researchers disclosed these vulnerabilities to Apple, with SLAP reported on March 24, 2024, and FLOP on September 3, 2024. While Apple recognized the proof-of-concept shared by the researchers, as of now, they have yet to implement any fixes or mitigations, claiming there is no immediate risk to users.

Diving Deeper into FLOP!

The FLOP attack focuses on the newest M3 and A17 processors, which predict not just which memory addresses to access but also the data values stored there. If any of these predictions go wrong, attackers can exploit the situation to access sensitive information. In one experiment, the researchers successfully tricked the M3 CPU into making inaccurate predictions, demonstrating that it could leak data by employing a cache timing attack. This allowed attackers to extract details from private services like Proton Mail and Google Maps, along with recovering private events from iCloud Calendar.
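The effect described above can be seen in a toy software model, added here as an illustration and not taken from the researchers' papers or from Apple's hardware. It shows that a mispredicted load value is corrected architecturally while the cache access made during speculation remains; the confidence threshold, the set standing in for a cache, and all names are assumptions of the model.

```python
"""Toy software model of load value prediction leaving a cache trace.

Assumptions (not from the page): the confidence threshold, the set used as a
"cache" and all names are hypothetical; this is not Apple's actual predictor.
"""
CONFIDENCE_THRESHOLD = 3  # assumed: predict after this many repeats of one value


class ToyCore:
    def __init__(self, memory, table):
        self.memory = memory      # address -> value (architectural memory)
        self.table = table        # lookup table indexed by the loaded value
        self.cached = set()       # table indices whose lines are in the cache
        self.last_value = {}      # load site -> last value that load returned
        self.confidence = {}      # load site -> consecutive repeats of it

    def load_and_index(self, site, addr):
        """Model `table[memory[addr]]`; return (result, mispredicted)."""
        predicted = None
        if self.confidence.get(site, 0) >= CONFIDENCE_THRESHOLD:
            predicted = self.last_value[site]
            # The dependent table access runs on the predicted value before
            # the real load returns, and that access fills the cache.
            self.cached.add(predicted)
        actual = self.memory[addr]            # the real load result arrives
        if self.last_value.get(site) == actual:
            self.confidence[site] = self.confidence.get(site, 0) + 1
        else:                                 # new value: retrain from zero
            self.last_value[site] = actual
            self.confidence[site] = 0
        # A wrong prediction is rolled back architecturally: the returned
        # result uses `actual`. The cache fill made above is not undone.
        self.cached.add(actual)
        return self.table[actual], predicted is not None and predicted != actual


def demo():
    memory = {0x10: 7, 0x20: 2}               # constructed sample memory
    core = ToyCore(memory, table=list(range(100, 116)))
    for _ in range(4):                        # the load keeps returning 7
        core.load_and_index("site_a", 0x10)
    core.cached.clear()                       # start the observation cold
    result, mispredicted = core.load_and_index("site_a", 0x20)
    return result, mispredicted, sorted(core.cached)


if __name__ == "__main__":
    print(demo())
```

The committed result is computed from the real value, yet the cache still holds the line indexed by the stale predicted value, which is the kind of residue a cache timing measurement can observe.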

What’s the Deal with SLAP?

On the other hand, the SLAP attack affects M2 and A15 models and is centered around Load Address Prediction. An attacker can “train” the CPU to anticipate a specific memory access, subsequently causing it to read confidential data by tweaking the memory layout. This misdirection leads to unauthorized data exposure, enabling attackers to gather confidential information from sources like Gmail, Amazon orders, and Reddit activities.

The Real-World Significance of These Attacks

The implications of FLOP and SLAP are enormous, as they exploit widely adopted hardware without needing physical access to the machine. A simple visit to a malicious site could lead to the leak of sensitive data, effortlessly bypassing conventional safeguards such as browser sandboxing and address space layout randomization (ASLR).

The demonstration scripts show how sophisticated these attacks are and how modern web browsers can unintentionally turn into conduits for cyberattacks.

What Can Users Do?

Until Apple rolls out security updates to address these vulnerabilities, users are advised to consider disabling JavaScript in both Safari and Chrome as a short-term mitigation strategy, though this might disrupt normal browsing activities.

In an age where cybersecurity threats continuously evolve, staying informed about new vulnerabilities is paramount. Apple users, it’s time to stay vigilant and proactive! Stay tuned as we continue to follow this story and explore further developments!