NEWS  Security  January 17, 2024  Reading time: ~1 minute)

Max (RS editor)

A recent discovery has raised concerns about the vulnerability of some Apple silicon GPUs. Cybersecurity firm Trail of Bits recently unearthed a security flaw, named "LeftoverLocals", which has the potential to grant attackers access to sensitive data processed in the GPU's local memory. This revelation is particularly troubling given the widespread use of GPUs in handling Large Language Models (LLMs) for artificial intelligence (AI) applications.

The LeftoverLocals vulnerability allows attackers with local access to a device to eavesdrop on interactive LLM sessions, potentially compromising sensitive information. According to Apple, devices with the A17 Pro and M3 chips have already received patches to address this flaw. Additionally, Trail of Bits confirmed that the third-generation iPad Air has been fixed. However, older models, including the iPhone 12 and M2 MacBook Air, with vulnerable GPUs remain at risk.

The unique nature of the LeftoverLocals vulnerability requires physical access to the device, making remote exploitation highly improbable. While Apple has taken steps to address the issue on certain devices, there is still uncertainty about when, and if, all impacted models will receive security updates to directly tackle the problem.

As the tech giant navigates the intricacies of this security challenge, users are encouraged to stay vigilant and prioritize their device security. Apple emphasizes the importance of installing the latest available software updates to ensure that users receive the necessary security fixes. This approach is crucial in mitigating potential risks associated with the LeftoverLocals vulnerability.

 COVER IMAGE BY FREEPIK / REVIEW SPACE