Security researchers claim that by combining two exploits they can successfully jailbreak Macs and MacBook devices that come with Apple’s latest T2 security chip. The jailbreaking process is complex, but the techniques mentioned on Twitter and Reddit have been tested and confirmed by Apple’s top security and jailbreaking experts.
If exploited correctly, it allows a user or attacker to take full control of the device, change the operating system's behavior, plant malware on the device, or extract sensitive information.
What is Apple’s latest T2 security chip?
Apple’s latest T2 security chip is a special co-processor that is installed alongside the main Intel CPU on modern Apple devices such as the MacBook, iMac, Mac Pro, etc.
These chips also serve as a Secure Enclave Processor (SEP) that processes sensitive data such as Keychain passwords, Touch ID authentication, and cryptographic operations, and provides encrypted storage and secure boot capabilities.
What does Jailbreaking mean?
In simple terms, jailbreaking means modifying or breaking the restrictions imposed on a smartphone or other electronic device by its manufacturer or operator.
The attack on Apple’s latest T2 security chip works by combining two exploits, Checkm8 and Blackbird, that were initially designed for iOS devices. A technically skilled person with knowledge of the process can do this jailbreak, but it is quite a complex process, and normal users risk bricking the device.
Can this be patched?
Unfortunately, this is a hardware-related issue, so it cannot be patched, and all of Apple’s latest T2 security chips are unpatchable.
If you suspect your system to be tampered with, use Apple Configurator to reinstall bridgeOS on your T2 chip described here. If you are a potential target of state actors, verify your SMC payload integrity using e.g. rickmark/smcutil and don’t leave your device unsupervised.
IronPeak said