It is not always the first in everything for the good, but also for the bad and there are bad things that are exclusive to us. This is what has happened to Apple with augury. A security vulnerability unique to its A14 and M processors1, in all its variants, which breaks the myth of the security of the Cupertino systems. Let’s see, therefore, what it consists of.
One of the most repeated mantras by apple users is that their computers do not have viruses or security attacks. Which has a simple explanation, for years its market share was very low. However, if we consider that not only their computers, but also iPhones and iPads are also a Mac, then the conclusion is clear. The number of Apple computers on the market is much larger than ever.
So long ago the period was left where the effort to develop malicious software for the Apple platform did not pay off. This has caused security analysts to keep an eye on its vulnerabilities for a long time. And it is that nobody is perfect, including those of Cupertino. The last thing we have been able to know is that Apple processors have received their first security problem in terms of hardware. Baptized as Augury and that is exclusive to its processors. Its level of impact? Well, comparatively, it is a problem on the scale that Intel and AMD had with Spectre/Meltdown.
Augury, the exclusive security problem of Apple processors
All modern processors have a mechanism that fetches instructions from RAM. The most modern ones have a prefetch system, which is based on a system that reads the code in advance and loads the following instructions in block from memory. This mechanism in Apple processors is called WMDacronym for Data Memory-Dependent Prefetcher.
Well, the universities of Tel Aviv, Illinois and Washington have found a security problem in the DMP to which they have baptized as Augury. Which taking advantage of a design flaw in Apple processors. Which, if exploited, gives malicious applications access to confidential data stored in the computer’s memory. However, for the moment and luckily there is no such program that takes advantage of this vulnerability.
The Affected processors are the A14 and M1 families, we do not know if in the A15 Apple has solved the problem by renewing the DMP of said SoC for its devices. But if they haven’t, this problem will take years to resolve, since a good part of their chips are already designed and on the final ramp before they are produced and marketed. So it could be seen in the not yet released M2 for the next generation of Macintosh computers. At the moment Apple is aware of Augury, but for the moment they have not revealed what solution they will implement and when.