While it looks like almost all architectures are susceptible to this newly discovered attack, the paper says that new Apple Silicon M1 and Samsung Exynos chips “are sometimes” weaker than Intel CPUs in this instance, possibly because of their cache design.
> Ironically, we show that our attacks are sometimes more effective on these novel CPUs by Apple and Samsung compared to their well-explored Intel counterparts, presumably due to their simpler cache replacement policies.
Going further, the researchers found that the new attack worked to a degree even with hardened browsers such as Tor, Deter-Fox, and Chrome Zero.
The paper was given ahead of publication to Apple, Intel, AMD, Chrome, and Mozilla.
As for fixes, the researchers say both software and hardware updates can solve the vulnerability.
> The root cause of microarchitectural side-channels is the sharing of microarchitectural components across code executing in different protection domains. Hence, partitioning the state, either spatially or temporally, can be effective in preventing attacks. Partitioning can be done in hardware or by the operating system.
Last week we saw a security update with macOS 11.2.3 that fixed an issue with web content that could lead to arbitrary code execution, first discovered by Google’s Threat Analysis team. We’ll keep an eye out for a future update that might protect against this new browser-based side-channel attack discovered in the paper above.