The team behind the first public macOS kernel memory corruption exploit on M5 silicon has shared fresh details on how Mythos Preview helped bypass a five-year Apple security effort in five days.
A bit of technical background
Last year, Apple introduced Memory Integrity Enforcement (MIE), a hardware-assisted memory safety system designed to make memory corruption exploits much harder to execute.
As Apple explained, MIE is basically built on Arm’s Memory Tagging Extension (MTE), which is a 2019 specification that works “as a tool for hardware to help find memory corruption bugs.”
Here’s Apple:
The problem is that Apple found that MTE wasn’t robust enough under certain circumstances, so it developed MIE and built it “into Apple hardware and software in all models of iPhone 17 and iPhone Air.”
To sum up, MIE is Apple’s hardware-assisted memory safety system. It is built on Arm’s MTE specification and uses the chip itself to help detect and block certain memory corruption attacks before they can be exploited.
You can learn more about MIE here.
Enter, the Calif team
Earlier today, The Wall Street Journal reported on the fact that security researchers at Calif had used Anthropic’s Mythos Preview model to expose a new macOS security vulnerability by linking together “two bugs and a handful of techniques to corrupt the Mac’s memory and then gain access to parts of the device that should be inaccessible.”
Now, the team behind the exploit has shared a few extra details on how they did it, including a 20-second video of the kernel memory corruption exploit in action.
In the post, they note that while Apple has focused most of its MIE efforts on iOS, the company has recently brought it to MacBooks as well with the M5 chip.
Here’s Calif:
Then, they comment on how they broke MIE on the M5 in just five days:
They explain they have a 55-page technical report on the hack, but they won’t release it until Apple ships a fix for the exploit.
But they do note in broad terms that Anthropic’s Mythos Preview model helped them identify the bugs and assisted them throughout the entire collaborative exploit development process:
In the post, they also mention that this discovery earned them a visit to Apple Park, where they shared their vulnerability research report with Apple directly.
They also noted that Apple’s MIE, like most security mitigations currently in use, was built “in a world before Mythos Preview,” adding that in a time when even small teams, with the help of AI, can make discoveries such as this one, “we’re about to learn how the best mitigation technology on Earth holds up during the first AI bugmageddon.”
To read Calif’s full post, follow this link.
