Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air - MacRumors
Skip to Content

Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air

by

A security vulnerability that could allow attackers to access sensitive data has been discovered in some Apple silicon GPUs.

a14 bionic chip video
A recent investigation by cybersecurity firm Trail of Bits discovered the security flaw, named "LeftoverLocals," which allows attackers with local access to a device to retrieve data processed in the GPU's local memory. The issue is particularly concerning because of the expanding use of GPUs in processing Large Language Models (LLMs) for AI applications.

According to the firm, the vulnerability enables an attacker to eavesdrop on another user's interactive LLM session, potentially accessing sensitive information. Apple told Wired that newer devices with the A17 Pro and M3 chips have received patches to address this flaw, and Trail of Bits found that the third-generation iPad Air had also received a fix.

Most older models with vulnerable GPUs, including the iPhone 12 and M2 MacBook Air, are still vulnerable. While Apple has taken steps to patch certain devices, it remains unclear if and when all impacted models will receive security updates to directly address the problem.

The nature of the LeftoverLocals vulnerability is such that it requires installation of a malicious app or physical access to the device. As always, Apple encourages users to install the latest available software update to ensure they receive security fixes.

Tags: Apple Security, Apple Silicon Guide

Popular Stories

iOS 26

iOS 26.4 Adds Two New Features to CarPlay

Tuesday March 24, 2026 1:55 pm PDT by
iOS 26.4 was released today, and it includes a couple of new features for CarPlay: an Ambient Music widget and support for voice-based chatbot apps. To update your iPhone 11 or newer to iOS 26.4, open the Settings app and tap on General → Software Update. CarPlay will automatically offer the new features so long as the iPhone connected to your vehicle is running iOS 26.4 or later....
Read Full Article25 comments
Apple Business hero

Apple Unveils 'Apple Business' All-in-One Platform

Tuesday March 24, 2026 8:53 am PDT by
Apple today announced Apple Business, a new all-in-one platform that unifies device management, productivity tools, and customer outreach features. The service is designed to be a consolidated replacement for several of Apple's existing business-focused offerings, including Apple Business Essentials, Apple Business Manager, and Apple Business Connect. It provides organizations with a single...
Read Full Article46 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 3, AirPods Pro 2 and AirPods 4

Tuesday March 24, 2026 12:31 pm PDT by
Apple today released new firmware for the AirPods Pro 2, AirPods Pro 3, and the AirPods 4. The firmware has a version number of 8B39, up from 8B34 on the AirPods Pro 3, 8B28 on the AirPods Pro 2, and 8B21 on the AirPods 4. There is no word on what's included in the firmware, but Apple has a support document with limited notes. Most updates are limited to bug fixes and performance...
Read Full Article79 comments

Top Rated Comments

GMShadow Avatar
GMShadow
29 months ago

The nature of the LeftoverLocals vulnerability is such that it requires physical access to the device,
This makes it more of an academic vulnerability - the number of people at risk of having their device stolen so someone can run this hack on it is infinitesimal. Patch it if possible, but 99.999% of people shouldn't be worried about this.
Score: 29 Votes (Like | Disagree)
3
3530025
29 months ago

If someone has your Mac there are 1000 easier ways to get data off it than this.
Score: 28 Votes (Like | Disagree)
GMShadow Avatar
GMShadow
29 months ago

Will be interesting to see if Apple will fix the M2 MacBook Air or use this as an opportunity to motivate people to upgrade their M2 MacBook Air to the M3 MacBook Air, by claiming it's not fixable.
If someone has your Mac there are 1000 easier ways to get data off it than this.
Score: 16 Votes (Like | Disagree)
B
bviktor
29 months ago

One more reason to convince my friend to upgrade from her 12. But should've this happened in the first place,
All devices get new vulnerabilities all the time. That includes new devices. We need a patch, not a new device.
Score: 13 Votes (Like | Disagree)
R
roar08
29 months ago

I see AAPL having a time ticking bomb...
This has been said about AAPL for the past 30+ years. I guess that's one long fuse.
Score: 9 Votes (Like | Disagree)
chrono1081 Avatar
chrono1081
29 months ago

Measurements taken to force people to upgrade. Apple knows that the ship is gonna sink, hence everyone is leaving the company and WSB horses have been implemented into the company to take full control and drive it down the core leaving with all the money.
This isn't remotely true. If you truly think this way I legit feel bad for you. This is a weird security flaw (which happens all the time, security is a game of cat and mouse), nothing more.
Score: 9 Votes (Like | Disagree)
Read All Comments