New Macbook T2 chips prevent eavesdropping, Apple security updates

News by Robert Abel

Apple's latest lineup of Macbook includes a security feature to prevent threat actors from carrying out attacks on the device's microphone that would allow them to eavesdrop on unsuspecting victims.

Apple’s latest lineup of Macbook includes a security feature to prevent threat actors from carrying out attacks on the device’s microphone that would allow them to eavesdrop on unsuspecting victims.

Apple’s new T2 security chip will be included in the new laptops announced Tuesday 30 October and will protect the device’s encryption keys, storage, fingerprint data and secure boot features and physically cuts the device’s microphone from the rest of the hardware whenever the lid is closed.

"This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 chip, from engaging the microphone when the lid is closed," said the support guide.

The features don’t disconnect the camera however, because Apple said its "field of view is completely obstructed with the lid closed."

Apple also released multiple security updates too alongside the announcements of its new product lineup.

The patches address vulnerabilities which could allow remote attackers to exploit some of these vulnerabilities to take control of an affected system.

Updates were released for Safari, ICloud for Windowsn iTunes, watchOS, iOs, tvOs, and Mac OSMojave.

The Safari vulnerabilities include two flaws in Safari Reader, one of which could enable a maliciously crafted webpage to carry out universal cross site scripting, arbitrary code execution, and denial of service attacks. Safari also included three WebKit flaws.

The macOS Mojave patch includes fixes for an afpserver bug which could allow a remote threat actor to AFP servers through HTTP clients and an AppleGraphicsControl flaw which could allow an application to execute arbitrary code with system privileges.

Users are encouraged to update their affected devices as soon as possible.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events