Apple Vision Pro hacked within a day of its launch
What's the story
A day after Apple's Vision Pro hit the market, MIT microarchitectural security PhD student Joseph Ravichandran announced he had developed a kernel exploit for visionOS. Sharing a few photographs on Saturday (local time), he also showed how the headset reacts to an attempted kernel exploit. This breakthrough could potentially lead to jailbreaks and malware attacks. As with most new tech releases, Apple's headset has become a battleground for security experts and hackers alike, racing to crack the operating system.
Twitter Post
Here's what Ravichandran tweeted
The world's first(?) kernel exploit for Vision Pro- on launch day! pic.twitter.com/9rVtaSmbei
— Joseph Ravichandran (@0xjprx) February 3, 2024
Details
Exploit details and headset's reactions
Ravichandran shared his findings on X, posting images of Vision Pro's response to his kernel exploit attempt. The device switched to a full passthrough view and warned the user to remove the headset before restarting in 30 seconds. Post restart, another image revealed a panic log for the headset, showing the kernel had indeed crashed. Ravichandran also shared a snapshot of the "Vision Pro Crasher" app, complete with a skull wearing a headset and a "Crash My Vision Pro" button.
More
Apple's potential response
It's still uncertain if Ravichandran has reported his findings to Apple or plans to do so. If he does, there's a slim chance it could qualify for Apple's Security Bounty program. Considering Apple's track record of quickly addressing security concerns and the high-profile nature of the Vision Pro launch, it's likely that an update will be released to fix the issue if disclosed. For now, it seems unlikely that this discovery will cause major problems for Apple and its users.