First public macOS kernel memory corruption exploit on Apple M5
4 hours ago
- #macOS security
- #memory corruption exploit
- #Apple M5
- First public macOS kernel memory corruption exploit on Apple M5 silicon, bypassing MIE (Memory Integrity Enforcement).
- Exploit developed in five days by engineers with Mythos Preview AI, using two vulnerabilities for local privilege escalation to root.
- Apple's MIE, a hardware-assisted memory safety system built on ARM's MTE, aimed to stop corruption exploits but was evaded.
- Mythos Preview AI helped identify bugs and assisted in development, showing AI-human partnership effectiveness.
- Exploit targets macOS 26.4.1 on bare-metal M5 hardware, with full technical details to be published after Apple fixes vulnerabilities.
- Incident highlights shift towards AI-driven offense in security, challenging traditional mitigations and signaling future trends.