iOS users should update immediately to version 10.3.3 to eliminate the risk of a Wi-Fi-based exploit that can be carried out by an attacker in proximity to a device—or potentially through a compromised Wi-Fi router—without any interaction from the user at all.
In the iOS 10.3.3 update, Apple patched a bug that arises from how three models of Broadcom wireless chips, which Apple uses in iOS hardware, processes data. The chips are designed for smartphones and tablets, and aren’t used in Macs or other full-featured PCs. Security researcher Rich Mogull of Securosis said, “As described, the Broadcom vulnerability is extremely serious, but we will need to see the full exploit details to determine the real risk to users on all the various devices out there.”
Affected devices are the iPhone 5 and later, fourth-generation iPads and later, and the sixth-generation iPod touch. Apple’s release note explained, “An attacker within range may be able to execute arbitrary code on the Wi-Fi chip,” and attributed its discovery to Nitay Artenstein of Exodus Intelligence.
Artenstein in April scheduled a talk about the vulnerability for the Black Hat security event happening in Las Vegas July 22 to 27 without providing details. He labeled the flaw “Broadpwn.” Artenstein hasn’t yet provided further details, although his talk says he’ll “tell the story of how we found the bug and exploited it to achieve full code execution—and how we went on to leverage our control of the Wi-Fi chip in order to run code in the main application processor.”
To use this proximity attack, a malicious party would need to be within range of a user with a vulnerable device. That limits the potential effect, but also means that anyone with an unpatched device remains at risk from hackers using heavily trafficked public places or targeted employees of specific companies, organizations, or government agencies.
Wi-Fi routers and Internet of Things (IoT) devices used by consumers and small businesses have been cracked in the millions worldwide, making that an unfortunately plausible vector that bypasses the requirement for someone to be within Wi-Fi range of a victim—or thousands of victims. Compromised hardware could then be used to stage attacks.
On July 5, Google released a patch for the flaw for Android systems. Apple’s update came on July 19. No reports have appeared of this flaw being exploited in the wild. It affects hundreds of millions of smartphones and other devices that use a set of Broadcom chips released started a few years ago.
Online metrics show that iOS users tend to update to the latest releases rapidly, and this should be no different. But if you haven’t yet, you can avoid any potential of being hit by this and other security exploits by installing the latest release right away.
Android uses may have a more difficult track, as even some modern Android phones with the affected chips lack upgrade paths. Mogull notes, “Although most iOS devices with the vulnerable chip can be patched, this likely doesn’t hold true for all Android (and other) devices.”