Anthropic's Mythos artificial intelligence model poses a significant global risk to software systems. A new report states that Mythos was used to uncover a security vulnerability in Macs.
Security researchers say they have discovered a new way to bypass Apple's state-of-the-art security system using techniques they uncovered in April while testing an early version of Anthropic's Mythos artificial intelligence software.
macOS vulnerability uncovered!
Researchers at Palo Alto-based security research firm Calif say they combined two flaws and several techniques in their software to corrupt a Mac's memory, and then gain access to areas of the device that should have been inaccessible. This is a type of attack known as a privilege escalation vulnerability, and if combined with other attacks, it can be used by a hacker to take control of the computer.
The attack specifically targets Apple's Memory Integrity Enforcement (MIE) system, developed around ARM's Memory Tagging Extension technology. Apple introduced MIE as a hardware-backed measure designed to make memory corruption attacks more difficult to execute on modern Macs and future Apple Silicon-powered devices.
First attack against MIE hardware protections on Mac
Memory corruption flaws trigger many of the most serious attacks against modern operating systems, as they can allow attackers to access protected memory or execute unauthorized code. Apple has spent years developing hardware and software protections to make these attacks more difficult on new Apple Silicon systems. MIE was designed to reduce the reliability of these attacks by enforcing stricter memory protections at the hardware level. Researchers claim that their attack chains bypassed MIE protections on kernel MIE-enabled M5 hardware. According to the team, this attack is the first publicly demonstrated macOS kernel memory corruption attack against Apple's new MIE hardware protections.
Apple's memory security system (MIE) was broken in 5 days!
Calif combined two flaws with several techniques using Mythos to corrupt a Mac's memory and then gain access to areas of the device that should have been inaccessible. The Calif team stated that Apple spent five years and likely billions of dollars developing MIE, while they managed to break it in five days. The vulnerability was discovered in macOS 26.4.1 (25E253) version.
Apple has not yet confirmed these claims, and it is unclear whether the relevant vulnerabilities have been patched.
0 Comments: