Apple’s M5 silicon has reportedly been exploited for the first time in a public macOS kernel memory corruption attack, successfully bypassing the company’s flagship hardware-level memory protection.
Researchers from Calif, Bruce Dang, Dion Blazakis, and Josh Maine, developed a working kernel local privilege escalation (LPE) exploit targeting macOS 26.4.1 (25E253) on bare-metal M5 hardware.
The exploit chain starts from an unprivileged local user account, uses only standard system calls, and delivers a full root shell, all while Apple’s Memory Integrity Enforcement (MIE) is active.
The team discovered the two underlying bugs on April 25, joined forces two days later, and had a working exploit running by May 1.
First Public macOS Kernel Exploit
Rather than submitting through the standard bug bounty pipeline, the researchers walked the 55-page printed report directly into Apple Park in Cupertino, a deliberate move to avoid the crowded submission queues seen during events like Pwn2Own. Full technical details will be published only after Apple ships a patch.
Memory Integrity Enforcement is Apple’s hardware-assisted memory safety system, built on ARM’s Memory Tagging Extension (MTE) architecture.
MIE was introduced as the marquee security feature of the M5 and A19 chips; Apple spent 5 years, and reportedly billions of dollars, engineering it specifically to disrupt kernel memory corruption exploits.
According to Apple’s own analysis, MIE disrupts every known public exploit chain against modern iOS, including the leaked Coruna and Darksword exploit kits.
The breakthrough was made possible partly by Anthropic’s Mythos Preview, a powerful AI model that helped identify the two vulnerabilities and assisted throughout the exploit development process.
Calif describes the model as capable of generalizing attack patterns across entire vulnerability classes once it has learned a problem type.
The bugs were discovered quickly because they fall within known bug classes; however, bypassing MIE still required significant human expertise, underscoring the value of a human-AI pairing.
The five-day development timeline against a protection that took Apple 5 years to build is being cited as a significant benchmark for AI-assisted offensive security research.
Memory corruption remains the most prevalent vulnerability class across all modern platforms, including iOS and macOS. Security mitigations like MIE are designed to raise the cost of exploitation, not to make it impossible.
This research demonstrates that as AI models grow more capable at surfacing unknown bugs in known classes, even best-in-class hardware mitigations face a narrowing window of effectiveness.
Calif frames the exploit as a preview of what it calls the “AI bugmageddon” era, a period in which small, AI-augmented security teams can achieve what previously required large, well-funded organizations.
Apple was built in a world before Mythos Preview; this exploit signals that the calculus of hardware security is already beginning to shift.
Apple is reportedly working on a fix. Until a patch is released, systems running macOS 26.4.1 on M5 hardware remain at theoretical risk of local privilege escalation via this unpublished chain.