Force restart Apple Vision Pro [x/0xjprx]
4 Facebook x.com Reddit
Within a day of Apple's release Vision Pro security researcher said he has created a kernel exploit for VisionOS, opening the door to potential jailbreaking and malware creation.
The first releases of new hardware are often accompanied by a gold rush of security researchers and malware developers trying to crack the operating system. While jailbreak creators are trying to hack iOS, people are already creating security problems with the Apple Vision Pro.
A tweet written late Friday by MIT microarchitectural security graduate student Joseph Ravichandran claims that a kernel exploit has been created for the Apple Vision Pro, possibly the first ever publicly discovered.
World's first (?) kernel exploit for Vision Pro – on launch day! pic.twitter.com/9rVtaSmbei
— Joseph Ravichandran (@0xjprx) February 3, 2024
In tweets discovered by iDevice Central, several photos detail how the Apple Vision Pro reacts to an attempted kernel exploit. Once presented, Apple Vision Pro enters full walk-through mode and then warns the user to remove the headset as it will restart within 30 seconds.
After reboot, another image shows the panic log for the headset, showing a kernel crash.
Ravichandran also posted another image for the Vision Pro Crasher app, complete with an image of a skull in the headset and a “Crash My Vision Pro” button.
It is unclear whether the researcher has presented his findings to Apple, or whether he intends to do so at all. If they do this, there is a small chance that it will qualify for the Apple Security Bounty program.
Given Apple's penchant for quickly working on security issues, as well as the high-profile nature of Apple's Vision Pro launch, it's likely that Apple will release an update that fixes the issue if the issue is disclosed.
At this extremely early stage, given the slow adoption of devices among those who are generally tech savvy, it seems unlikely that this discovery will cause problems for Apple and its users.
