Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air - MacRumorsOpen MenuShow RoundupsShow Forums menuVisit ForumsOpen Sidebar
Skip to Content

Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air

by

A security vulnerability that could allow attackers to access sensitive data has been discovered in some Apple silicon GPUs.

a14 bionic chip video
A recent investigation by cybersecurity firm Trail of Bits discovered the security flaw, named "LeftoverLocals," which allows attackers with local access to a device to retrieve data processed in the GPU's local memory. The issue is particularly concerning because of the expanding use of GPUs in processing Large Language Models (LLMs) for AI applications.

According to the firm, the vulnerability enables an attacker to eavesdrop on another user's interactive LLM session, potentially accessing sensitive information. Apple told Wired that newer devices with the A17 Pro and M3 chips have received patches to address this flaw, and Trail of Bits found that the third-generation iPad Air had also received a fix.

Most older models with vulnerable GPUs, including the iPhone 12 and M2 MacBook Air, are still vulnerable. While Apple has taken steps to patch certain devices, it remains unclear if and when all impacted models will receive security updates to directly address the problem.

The nature of the LeftoverLocals vulnerability is such that it requires installation of a malicious app or physical access to the device. As always, Apple encourages users to install the latest available software update to ensure they receive security fixes.

Tags: Apple Security, Apple Silicon Guide

Popular Stories

apple lock security bug vulnerability fix privacy

Apple Warns Canada's Bill C-22 Could Force Encryption Backdoors

Friday May 8, 2026 4:22 am PDT by
Apple and Meta have opposed a Canadian bill that the companies say could force them to create backdoor access to encrypted user data, should it pass through the country's parliament. Proposed by Canada's ruling Liberal Party, Bill C-22 contains provisions that could be similar ​to a UK data access provision order sent to Apple last year, depending on how they are implemented. Back in Feb...
Read Full Article80 comments
macOS Tahoe and iPhone

Apple Alerted to macOS Security Vulnerability Uncovered With AI Tool

Thursday May 14, 2026 9:04 am PDT by
Anthropic recently announced Project Glasswing, an initiative that enables tech companies like Apple to use its new frontier AI model Claude Mythos Preview to find security vulnerabilities across operating systems and web browsers. The Wall Street Journal today reported that researchers at cybersecurity firm Calif used Claude Mythos Preview to uncover a new macOS security vulnerability last...
Read Full Article29 comments
nvidia rtx spark

Nvidia Challenges Apple Silicon With New RTX Spark PC Chip

Monday June 1, 2026 3:41 am PDT by
Nvidia is entering the consumer PC chip business for the first time and has thrown down the gauntlet to Apple, describing its new RTX Spark processor as "the most efficient PC chip ever built." Nvidia says its RTX Spark Superchip is purpose-built to run AI agents that can work proactively across apps and run in the background as a personal "teammate." With the chip, Nvidia says users...
Read Full Article172 comments

Top Rated Comments

GMShadow Avatar
GMShadow
31 months ago

The nature of the LeftoverLocals vulnerability is such that it requires physical access to the device,
This makes it more of an academic vulnerability - the number of people at risk of having their device stolen so someone can run this hack on it is infinitesimal. Patch it if possible, but 99.999% of people shouldn't be worried about this.
Score: 29 Votes (Like | Disagree)
3
3530025
31 months ago

If someone has your Mac there are 1000 easier ways to get data off it than this.
MacRumors content image
Score: 28 Votes (Like | Disagree)
GMShadow Avatar
GMShadow
31 months ago

Will be interesting to see if Apple will fix the M2 MacBook Air or use this as an opportunity to motivate people to upgrade their M2 MacBook Air to the M3 MacBook Air, by claiming it's not fixable.
If someone has your Mac there are 1000 easier ways to get data off it than this.
Score: 16 Votes (Like | Disagree)
B
bviktor
31 months ago

One more reason to convince my friend to upgrade from her 12. But should've this happened in the first place,
All devices get new vulnerabilities all the time. That includes new devices. We need a patch, not a new device.
Score: 13 Votes (Like | Disagree)
R
roar08
31 months ago

I see AAPL having a time ticking bomb...
This has been said about AAPL for the past 30+ years. I guess that's one long fuse.
Score: 9 Votes (Like | Disagree)
chrono1081 Avatar
chrono1081
31 months ago

Measurements taken to force people to upgrade. Apple knows that the ship is gonna sink, hence everyone is leaving the company and WSB horses have been implemented into the company to take full control and drive it down the core leaving with all the money.
This isn't remotely true. If you truly think this way I legit feel bad for you. This is a weird security flaw (which happens all the time, security is a game of cat and mouse), nothing more.
Score: 9 Votes (Like | Disagree)
Read All Comments