Remember those serious Meltdown and Spectre CPU flaws from about five years ago? Well, Intel’s in hot water again with another serious vulnerability that affects years’ worth of processors.
Known as “Downfall,” the vulnerability exploits a flaw in the AVX vector extensions of every Intel CPU from the Skylake generation onward until we get to the more recent 12th-gen Alder Lake processors.
Macs with these processors started appearing in late 2015 with the 21.5-inch iMac, and just about every Intel-based Mac (desktop or laptop) since that time is on the list of affected processors. Apple switched to its own chips in 2020 rather than using the newer 12th- and 13th-gen Intel processors (though those aren’t affected by the flaw anyway).
What is Downfall?
Researcher Daniel Moghimi, who discovered the flaw, created a microsite about it and describes it this way:
Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. Similarly, in cloud computing environments, a malicious customer could exploit the Downfall vulnerability to steal data and credentials from other customers who share the same cloud computer.
In short, the flaw exploits the way a particular “Gather” instruction (part of the vector instructions in these Intel processors) is executed to access data in RAM that the program shouldn’t normally have any access to. PCWorld has more info on this flaw.
That’s bad. Real bad.
The vulnerability was first revealed to Intel last summer, but only just now published in order to give Intel time to work on a fix. Intel has just begun releasing microcode for its processors to mitigate the issue, which users would get in the form of updates from their hardware vendors.
Are any Macs affected?
At this point, it’s unclear whether Macs are affected. Nearly every Mac from the Skylake generation onward (starting in late 2015) that has an Intel CPU inside uses a processor that is on Intel’s list of affected products. If you have an Intel-based Mac from 2016 or later (or the iMac released in late 2015), your CPU is almost certainly affected.
But Macs are sort of unique. Intel Macs used custom motherboards and firmware, and some even have the T2 processor that manages a lot of stuff. It doesn’t seem as though any of this would necessarily prevent an attack using the Downfall vulnerability, but it’s hard to know until we get confirmation from Apple. We’ve reached out for clarification and will update this article if someone responds.
It’s worth noting that the Skylake generation was the main impetus for Apple turning to its own silicon for the Mac, according to a 2020 interview with ex-Intel principal engineer François Piednoël. Piednoël claims that “Apple quality assurance of Skylake was more than a problem,” and “Apple became the number one filer of problems in the architecture.” So it’s very possible that Apple took extraordinary steps to mitigate any potential issues with the chip, such as this Downfall flaw.
We can find no reference to CVE-2022-40982 on the Apple Security Releases site, but it was only just published, so even if there was a fix it wouldn’t have referenced it by name or CVE ID. Odds are, if Intel is only just now releasing microcode to mitigate this problem, Apple has not yet incorporated it into a macOS update.
What should you do next? Is there a fix?
If you have a Mac made in late 2015 or later, you might be affected, but there’s not much to do but wait. Apple will push out a macOS update to update the processor microcode, if necessary, or implement any other necessary mitigations. If you have a Mac that uses Apple Silicon (an M1 or M2-based processor), you have nothing to worry about.
As always, it’s a good idea to only use software from trusted sources. That utility you downloaded from a website you never heard of before carries far more risk of malware than the latest release from a known entity like Microsoft or Google, or something from the Mac App Store.
If you want more protection, take a look at our roundup of the best Mac antivirus software.