security flaw

Apple M1 Chips Have ‘Unpatchable’ Security Flaw, Say MIT Researchers

Researchers from MIT CSAIL have discovered a hardware vulnerability in Apple's M1 chips that they say cannot be fixed with a software patch — reports Macworld. According to the researchers, the problem lies with the M1's use of pointer authentication. Pointer authentication is a safety feature designed to protect the CPU from bad actors who gain...

Microsoft Discovers macOS Security Flaw ‘Powerdir’

Microsoft has just discovered a new macOS vulnerability “powerdir,” that could allow an attacker to bypass the operating system’s TCC technology, thereby gaining unauthorized access to a user’s protected data. For those who aren’t familiar, TCC in macOS helps users configure the privacy settings of their apps, such as access to the device’s camera, microphone,...

macOS Big Sur 11.3 Fixes Critical Security Flaw in Gatekeeper

The latest iteration of Apple's computer Operating System, macOS 11.3, launched earlier today, alongside iOS 14.5, iPadOS 14.5, tvOS 14.5 and watchOS 7.4. According to Mashable, there's a lot more to the update than gaming keyboard layouts and new intuitive features — macOS 11.3 comes with a fix for a critical (yet largely unreported) security vulnerability...

Updating to macOS 10.13.1 Undoes Apple’s ‘Root’ Bug Patch

Apple's quick patch for the recently discovered "root" user bug can be undone by upgrading to macOS 10.13.1. According to a Wired report on Friday, multiple users have confirmed that upgrading from macOS 10.13.0 High Sierra to the latest version 10.13.1, released at the end of October, disables Apple's security patch for the root user login flaw. In particular, users...

Google Security Researcher Reveals Android WiFi Security Flaw, iOS 10.3.1 Patched

A Google Project Zero researcher has found some critical vulnerabilities including a remote code execution in Broadcom’s Wi-Fi system-on-chip (SoC) which if exploited can allow attackers to compromise smartphone devices like iOS and Android devices. In a blog post by the researcher, Gal Beniamini, he revealed that a hacker within the range of a shared WiFi network will potentially...

iOS 10 Security Flaw Makes Backup Password Hacks 2,500 Times Quicker

There is a major security flaw in the iOS 10 backup protection mechanism, say ElcomSoft's security researchers. The flaw allows attackers to bypass certain security checks when enumerating passwords protecting local (iTunes) backups made by iOS 10 devices (via TNW). According to a blog post published today, Moscow-based Elcomsoft's security researchers have discovered that iOS 10 backups include...

OS X Vulnerability Allows Hackers to Control Your Mac

Apple has just released OS X 10.11.4 which patches a long list of vulnerabilities the system includes, but it looks as though they forgot to patch one major flaw that gives hackers near-total control of any Mac. The zero-day vulnerability was discovered by SentinelOne, as reported by The Next Web. The major security flaw allows...

Researcher Discloses Privilege Escalation Vulnerability in OS X

Stefan Esser, a German researcher from security audit firm SektionEins, has disclosed a major OS X vulnerability, which affects OS X 10.10.x and is related to the new features added by Apple to its latest software (via ZDNet). As Esser details, the security flaw is related to the new environment variable DYLD_PRINT_TO_FILE that enables error...

Apple to Patch Newly Uncovered FREAK Security Bug Next Week

Researchers have discovered a nasty bug that has been around since the 1990s. Dubbed "FREAK" for Factoring attack on RSA-EXPORT Keys, the security flaw allows hackers to conduct a "man-in-the-middle" attack and decrypt encrypted messages. The flaw affects Apple's, Google's, and other devices that use unpatched OpenSSL, reports the Washington Post. As the researchers point...