Security Alert: MIT Expert Discovers Vulnerability in Apple Vision Pro’s Core

Merely a day has elapsed since the debut of the Apple Vision Pro headset, and already, reports have surfaced detailing a method for its circumvention. Joseph Ravichandran, a researcher specializing in microarchitectural security at the Massachusetts Institute of Technology (MIT), has announced his success in identifying a vulnerability within the core of the visionOS operating system, which powers the Apple Vision Pro.

Ravichandran shared screenshots of an application he developed for the Vision Pro, featuring a “Crash My Vision Pro” button. Upon pressing this button, the Vision Pro crashes. Subsequently, the headset reboots, but it then enters a mode of complete pass-through transmission, displaying a message to the user that the Vision Pro must restart and that it will shut down in 30 seconds.

Furthermore, Ravichandran showcased a crash log from the kernel, linked to their exploit.

This incident marks the first public disclosure of a kernel exploit for visionOS, casting doubt on the security level of Apple’s latest innovation. Kernel hacks are a critical component in creating jailbreaks, which allow users to install unauthorized software and modify the system contrary to the manufacturer’s restrictions.

While Ravichandran has yet to speak of plans for creating a jailbreak or publicly distributing the exploit, his discovery could pave the way for the hacker community to develop methods to circumvent Apple’s system restrictions. Despite the company’s enhanced security measures at the hardware and software levels, hackers continue to find ways to bypass protections and system limitations.

Ravichandran’s revelation underscores the ongoing arms race between technology manufacturers and the hacker community, which seeks to expand the capabilities of devices beyond the constraints set by manufacturers.