A team of academic researchers has uncovered a critical vulnerability in Apple M-series CPUs targeting data memory-dependent prefetcher (DMP) that could allow attackers to extract secret encryption keys from Macs. The flaw, called GoFetch, is based on the microarchitecture design of the Apple Silicon, which means that it cannot be directly patched and poses a significant risk to users' data security. The vulnerability affects all Apple devices powered by M-series chips, including the popular M1 and M2 generations. The M3 generation can turn a special bit off to disable DMP, potentially hindering performance. The DMP, designed to optimize performance by preemptively loading data that appears to be a pointer, violates a fundamental requirement of constant-time programming by mixing data and memory access patterns. This creates an exploitable side channel that attackers can leverage to extract secret keys.

To execute the GoFetch attack, attackers craft specific inputs for cryptographic operations, ensuring that pointer-like values only appear when they have correctly guessed bits of the secret key. By monitoring the DMP's dereference behavior through cache-timing analysis, attackers can verify their guesses and gradually unravel the entire secret key. The researchers demonstrated successful end-to-end key extraction attacks on popular constant-time implementations of both classical and post-quantum cryptography, highlighting the need for a thorough reevaluation of the constant-time programming paradigm in light of this new vulnerability.

Microsoft's Window Defender engineering team has finally found the time to address a long term bug within its anti-malware software - relating to performance issues with Mozilla's Firefox web browser. User feedback stretching back to five years ago indicates extremely sluggish web surfing experiences, caused by a Windows "Anti-malware Service Executable" occupying significant chunks of CPU utilization (more than 30%). The combination of Firefox and Windows Defender running in parallel would guarantee a butting of (software) heads - up until last week's bug fix. A Microsoft issued update has reduced the "MsMpEng.exe" Defender component's CPU usage by a maximum of 75%.

Microsoft and Mozilla developers have collaborated on addressing the disharmonious relationship between Defender and Firefox. A plucky member of the latter's softwareengineering team has been very transparent about the sluggish browser experience. Yannis Juglaret has provided a string of project updates via Mozilla's Bugzilla tracking system - one of his latest entries provide details about the fix: "You may read online that Defender was making too many calls to VirtualProtect, and that global CPU usage will now go down by 75% when browsing with Firefox. This is absolutely wrong! The impact of this fix is that on all computers that rely on Microsoft Defender's Real-time Protection feature (which is enabled by default in Windows), MsMpEng.exe will consume much less CPU than before when monitoring the dynamic behavior of any program through Event Tracing for Windows (ETW). Nothing less, nothing more."