Apple Vision Pro hacked by microarchitecture security expert

A security related flaw has come to light after Apple introduced Apple Vision Pro. Joseph Ravichandran, a PhD student at MIT with expertise in microarchitecture security, has identified a critical kernel flaw in visionOS, the device's operating system. This flaw could potentially facilitate jailbreaking (modifying to remove restrictions imposed by the manufacturer) and creating malicious software designed to take advantage of this new hardware.

Apple Vision Pro price

The starting price of Apple Vision Pro in the USA is $3,499 (approximately Rs 2,90,520). Apple Vision Pro was launched in the US earlier this week. Pre-orders for this device have started from January 19, 2024.

Flaw in Apple Vision Pro

Joseph Ravichandran tweets X in a series of posts that included photos of the Apple Vision Pro's response to the kernel flaw. After the glitch, the device goes into “perspective mode” and instructs users to remove the headset in preparation for a restart, which is scheduled to occur within 30 seconds.

After this restart, Ravichandran highlighted an emergency log indicating a kernel crash. Additionally he showed a custom application called Vision Pro Crasher, which included a skull with a headset icon and a button labeled Crash My Vision Pro. When new hardware is introduced, security researchers are often eager to test it. Like jailbreaking the iPhone, Ravichandran's move highlights potential security issues for the Vision Pro ecosystem.

Apple has a history of trying to fix security flaws quickly, especially with high-profile products like the Vision Pro. Additionally, Ravichandran has not confirmed that he has presented his findings to Apple. However, the company's security bounty program may encourage such disclosures. The gradual rollout of Vision Pro allows for early adoption of the technology, reducing the likelihood of widespread disruption. Additionally, Apple will attempt to fix the flaw with a rapid update, minimizing any risks.