Skip to main content

Downfall vulnerability may affect Intel Macs; usual precautions recommended

A newly-discovered Downfall vulnerability found in Intel chips may affect older Macs powered by these processors …

A new variant of Spectre and Meltdown

Back in 2018, a major security flaw was found in both Intel and ARM chips, which could be exploited by two attacks known as Spectre and Meltdown.

It was a huge deal because it was a hardware-level bug affecting about a decade’s worth of processors, and while Apple successfully patched it, that came at the cost of a performance hit.

A year later, a new variant was discovered – but this one couldn’t be exploited by machines running macOS, so was only a concern to those running Windows on their Mac.

Downfall vulnerability

Now security researcher Daniel Moghimi has discovered an additional variant, known as the Downfall vulnerability.

Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages […]

The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not normally be accessible.

Unclear whether Macs are vulnerable

If you have an Intel Mac from 2016 onward (or a late-2015 iMac), then the flaw is present in your CPU.

However, as Macworld notes, this doesn’t necessarily mean that the vulnerability can actually be exploited on Macs.

Macs are sort of unique. Intel Macs used custom motherboards and firmware, some even have the T2 processor that manages a lot of stuff. It doesn’t seem as though any of this would necessarily prevent an attack using the Downfall vulnerability, but it’s hard to know until we get confirmation from Apple. We’ve reached out for clarification and will update this article if someone responds.

Intel didn’t shed any light on this, but told us:

The security researcher, working within the controlled conditions of a research environment, demonstrated the GDS issue which relies on software using Gather instructions. While this attack would be very complex to pull off outside of such controlled conditions, affected platforms have an available mitigation via a microcode update. Recent Intel processors, including Alder Lake, Raptor Lake and Sapphire Rapids, are not affected. Many customers, after reviewing Intel’s risk assessment guidance, may determine to disable the mitigation via switches made available through Windows and Linux operating systems as well as VMMs. In public cloud environments, customers should check with their provider on the feasibility of these switches.

The usual precautions apply

Either way, the best protection against these sorts of exploits is to follow standard cybersecurity precautions to block malware which could take advantage of them. You’ll find full details in that link, but the quick checklist is:

  • Only ever download apps from the Mac App Store and trusted developers
  • Use strong, unique passwords for every website
  • Don’t use real info when answering standard security questions
  • Use two-factor authentication whenever it is offered
  • Never click on links sent via email unless you are certain it is genuine
  • Guard against bank fraud
  • Ideally, never access sensitive sites on public wifi hotspots
  • If you have no choice, then use a trusted VPN service

Photo: Vishnu Mohanan/Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications