So Much for Mac's Security... AI Breaks Through Apple's Ironclad Protection in Just 5 Days
Apple Responds:
"This Is Very Serious... Reviewing the Report"
The Anthropic artificial intelligence (AI) model, 'Mythos', has discovered a vulnerability in Apple's macOS, which had been protected by Apple's latest security technology.
According to the Wall Street Journal (WSJ) on the 15th (local time), Palo Alto-based security company KALYPH discovered a vulnerability in Apple's macOS during testing of the Anthropic AI model, 'Mythos', and succeeded in bypassing Apple's core memory protection mechanism. With the rapid advancement of generative AI, it is now being assessed that AI is showing capabilities on par with real-world attacks in the field of cybersecurity.
The KALYPH research team explained that they combined two internal macOS software bugs with several attack techniques to implement an attack that corrupts system memory and extends privileges to previously inaccessible areas. When combined with other attacks, this could allow a hacker to take full control of the computer.
This case is particularly shocking because macOS has been regarded as the 'most secure OS' in the industry. Apple has consistently invested heavily in strengthening security. Last year, the company even released its proprietary security technology, 'Memory Integrity Enforcement.' This technology has been identified as a core security mechanism to prevent hackers from manipulating system memory or implanting malicious code to seize operating system privileges. However, KALYPH used Mythos to develop attack code in just five days.
However, Kalyp CEO Tai Duong explained, "Mythos is extremely good at reproducing previously known attack techniques," adding, "This attack was the result of combining the expertise of human security researchers."
Apple stated, "Security is our top priority, and we take potential vulnerability reports extremely seriously," confirming that it is reviewing KALYPH's report. The company is expected to address the security vulnerability and release specific details.
Earlier this year, Anthropic's Mythos identified more than 100 serious security vulnerabilities in the Firefox browser over a two-week period. This is comparable to the number of vulnerabilities typically found by security researchers worldwide over two months.
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
- "Who Is Visiting Japan These Days?" The Once-Crowded Tourist Spots Empty Out... What's Happening?
- "Am I Really in the Top 30%?" and "Worried About My Girlfriend in the Bottom 70%"... Buzz Over High Oil Price Relief Fund
- "It Has Now Crossed Borders": No Vaccine or Treatment as Bundibugyo Ebola Variant Spreads [Reading Science]
The security industry has even coined the term 'Bugmageddon,' as AI discovers software vulnerabilities at a much faster rate than humans, simultaneously increasing the global burden of security patches and the risk of cyberattacks. Due to concerns that Mythos could be exploited for cyberattacks, Anthropic, the developer, is restricting access to Mythos and building a joint response system with government agencies and big tech companies. The U.S. Donald Trump Administration is reportedly also considering executive orders to strengthen oversight of advanced AI models.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
