Teacher
Professional
- Messages
- 2,669
- Reaction score
- 819
- Points
- 113
An MIT researcher uncovered a vulnerability in the visionOS kernel.
Just one day has passed since the release of the Apple Vision Pro headset, and there have already been reports about the method of hacking it. A researcher in the field of microarchitectural security from the Massachusetts Institute of Technology (MIT), Joseph Ravichandran, said that he was able to detect a vulnerability in the kernel of the visionOS operating system, which runs Apple Vision Pro.
Ravichandran shared screenshots of the app created for Vision Pro with the "Crash My Vision Pro"button. When you click on the button, Vision Pro crashes. Then the headset turns on again, but in full pass-through mode, and displays a message to the user that the Vision Pro needs to restart and that it will go off in 30 seconds.
Ravichandran also demonstrated the kernel crash log associated with their exploit.
An app with a button to restart the headset (left), a kernel crash log (right), and a Vision Pro reboot alert (bottom).
This case is the first public disclosure of a kernel exploit for visionOS, which calls into question the security level of Apple's new product. Kernel hacks are a key element for creating a jailbreak that allows users to install unauthorized software and modify the system against the manufacturer's restrictions.
Although Ravichandran has not yet spoken about plans to create a jailbreak or publicly distribute the exploit, his discovery could open the door for the hacker community to develop methods to circumvent Apple's system restrictions. Despite the increased security measures taken by the company at the hardware and software levels, hackers continue to find ways to bypass security features and system restrictions.
Ravichandran's discovery underscores the ongoing arms race between technology manufacturers and the hacker community, which seeks to expand the functionality of devices despite the manufacturer's established framework.
Just one day has passed since the release of the Apple Vision Pro headset, and there have already been reports about the method of hacking it. A researcher in the field of microarchitectural security from the Massachusetts Institute of Technology (MIT), Joseph Ravichandran, said that he was able to detect a vulnerability in the kernel of the visionOS operating system, which runs Apple Vision Pro.
Ravichandran shared screenshots of the app created for Vision Pro with the "Crash My Vision Pro"button. When you click on the button, Vision Pro crashes. Then the headset turns on again, but in full pass-through mode, and displays a message to the user that the Vision Pro needs to restart and that it will go off in 30 seconds.
Ravichandran also demonstrated the kernel crash log associated with their exploit.
An app with a button to restart the headset (left), a kernel crash log (right), and a Vision Pro reboot alert (bottom).
This case is the first public disclosure of a kernel exploit for visionOS, which calls into question the security level of Apple's new product. Kernel hacks are a key element for creating a jailbreak that allows users to install unauthorized software and modify the system against the manufacturer's restrictions.
Although Ravichandran has not yet spoken about plans to create a jailbreak or publicly distribute the exploit, his discovery could open the door for the hacker community to develop methods to circumvent Apple's system restrictions. Despite the increased security measures taken by the company at the hardware and software levels, hackers continue to find ways to bypass security features and system restrictions.
Ravichandran's discovery underscores the ongoing arms race between technology manufacturers and the hacker community, which seeks to expand the functionality of devices despite the manufacturer's established framework.
