Security researcher Gal Beniamini – who works Project on Zero-Google, in recent times discovered a serious vulnerability that uses WiFi chipsets in both iOS and Android devices. Detail proof of concept attack long, explains Beniamini can make an interesting blog post to see how an attacker within range of an arbitrary shared Wi-Fi network code on a targeted machine.
iOS and serious Android Wi-Fi exploit
By linking up some exploits, Beniamini has managed to show a “complete device of purchase by proximity Wi-Fi alone, requiring no user intervention. “The attack had to be serious enough that Apple did not waste time tinkering about its vulnerability, iOS 10.3.1 earlier in the week.
The Apple company make public note for the iOS update is as follows:
- Impact: An attacker within range may be able to execute arbitrary code on the WiFi-chip
- Description: An overflow of the stack buffer was addressed by the Enhanced Entry Validation.
Google, meanwhile, is obviously aware of the problem, but a security fix for Android devices are not yet widely available. As ArsTechnica points out, “The fix is only available for a number of device models, and even then it may take two weeks or more to be available in over-the-air update to those who qualify . “
There are no reports of a device, iOS or Android, is compromised, but you want to upgrade as soon as you can use your mobile operating system. At last interesting point, the vulnerability impacts all iPhone models since the iPhone 4s, a number of Nexus smartphones and most of the Samsung Galaxy range.