New Bug in Wi-Fi Chip for iPhone, Samsung and Nexus Found

New Bug in Wi-Fi Chip for iPhone, Samsung and Nexus Found

A new bug affecting Wi-Fi chips by Broadcom, the supplier for iPhones, Nexus and Samsung devices has been discovered by Google’s Project Zero. Mais particularmente, researcher Gal Baniamini has provided a detailed analysis on the exploit showing how an attacker could take over a device via Wi-Fi proximity.

Newly Discovered Bug Affects Wi-Fi Chips by Broadcom

For the exploit to take place, no user interaction is required. disse brevemente, if a user and an attacker are sharing the same Wi-Fi network (such as a public hotspot), the user’s device can easily be compromised without their knowledge.

relacionado: Quais são os mais Smartphones seguros em 2017

To demonstrate the attack, the researcher used a Nexus 6P device. It should be noted though that the flaw affects any device running on Broadcom Wi-Fi SoCs, Nexo 5 e 6 inclusive. Also affected are Samsung flagship devices and all iPhones starting from iPhone 4. Felizmente, the manufacturer has already been informed and collaboration with Google was already initiated so that the bug is fixed.

All the vulnerabilities in the post have been disclosed to Broadcom. Broadcom has been incredibly responsive and helpful, both in fixing the vulnerabilities and making the fixes available to affected vendors, o pesquisador escrevi.

relacionado: Want to Hack an IPhone: Here Is How

Fixes for affected vendors are also in the making.

Apple Has Already Addressed the Issue

The company was quick and has already released a patch addressing the issue. The fix is available in the most recent update – 10.3.1. Escusado será dizer, the update should be installed as soon as possible. Otherwise an attacker within range may be able to execute arbitrary code on the Wi-Fi chip, Apple has explained.

Broadcom has informed me that newer versions of the SoC utilize the MPU, along with several additional hardware security mechanisms. This is an interesting development and a step in the right direction. They are also considering implementing exploit mitigations in future firmware versions,” the researcher concludes.


Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum para 4 anos. Gosta de ‘Sr.. Robot’e medos‘1984’. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar