Click to Skip Ad
Closing in...

Security researcher unearths serious iOS and Android Wi-Fi exploit

Published Apr 6th, 2017 11:06PM EDT
iOS and Android
Image: Shutterstock

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Security researcher Gal Beniamini — who works for Google’s Project Zero — recently unearthed a serious vulnerability affecting the Wi-Fi chipsets used in both iOS and Android devices. Detailing the proof-of-concept attack at length, Beniamini explains in an interesting blogpost how an attacker within range on a shared Wi-Fi network could potentially execute arbitrary code on a targeted device.

By chaining together a pair of exploits, Beniamini managed to demonstrate a “full device takeover by Wi-Fi proximity alone, requiring no user interaction.” The attack was deemed to be serious enough that Apple wasted no time in patching up the vulnerability, having released iOS 10.3.1 earlier in the week.

Apple’s release note for the iOS update reads:

Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Description: A stack buffer overflow was addressed through improved input validation.

Google, meanwhile, is obviously aware of the vulnerability but a security patch for Android devices isn’t yet widely available. As ArsTechnica notes, “the fix is available only to a select number of device models, and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible.”

There haven’t been any reports of a device, iOS or Android, being compromised but you’ll want to upgrade your mobile OS as soon you can. As a final point of interest, the vulnerability impacts all iPhones models since the iPhone 4s, a number of Nexus smartphones and most of Samsung’s Galaxy lineup.

Yoni Heisler Contributing Writer

Yoni Heisler has been writing about Apple and the tech industry at large with over 15 years of experience. A life long expert Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW.

When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.