123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Business >> View Article

Apple Fixes "airdos" Vulnerability, Which Paralyzes Nearby Iphones And Ipads

Profile Picture
By Author: Handset Recycle
Total Articles: 271
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Apple fixed a bug that prevented nearby hackers from using the iPad and iPhone.

Apple Corp. on Tuesday fixed a bug in AirDrop, a file exchange feature that made hackers nearby unable to use iPhones and iPads. The vulnerability was found to open the door to a denial-of-service attack where an attacker could use AirDrop shared pop-up notifications to send spam emails to all nearby iPhones and iPads indefinitely.

"This shared pop-up window blocks the user interface, so device owners will not be able to continue doing anything on the device unless it accepts / rejects the pop-up window and the pop-up window will continue to appear. It will also persist, "independent researcher Kishan Bagaria wrote in a post outlining his findings.

Apple fixes were released on Tuesday and include all other fixes for Apple Watch, iOS and macOS Catalina.

Bagaria calls this flaw AirDoS, which is a gameplay of Apple's feature names AirDrop and DoS (denial of service). AirDrop is a feature in iOS and macOS that allows files to be transferred using Wi-Fi or Bluetooth. "When someone uses AirDrop to share content with you, you ...
... see an alert with a preview. You can click to accept or decline," Apple described on its support page.

"This error is still subject to AirDrop receiving settings, which means that if your AirDrop setting is set to" Everyone, "anyone can become an attacker, but if you set it to" Contacts only, "only Someone from your contacts can be an attacker, Bagaria wrote.

Bagaria said that in addition to updating to the latest version of iOS 13.3 to resolve the issue, users can also turn off the AirDrop feature in Settings. To stop active attacks, he suggests having Siri turn off Wi-Fi and Bluetooth radios on your iPad or iPhone.

The researcher said that he reported the bug to Apple in August, and the bug was fixed in the latest iOS update (13.3). The proof-of-concept of the attack has been posted to GitHub, and a video about the ongoing attack is available on YouTube.

After researchers found six serious bugs in the mobile operating system, Apple Watch 6.1.0 users were also urged to update their hardware to the latest 6.1.1 version of watchOS software.

If it is not patched in time, Apple warns attackers that it may cause memory corruption issues on the target Apple Watch and exploits vulnerabilities to gain system or kernel privileges.

According to each Common Vulnerability and Disclosure (CVE) description, the attack complexity of the six vulnerabilities is "low"-meaning that the attack will not be difficult to perform.

According to CVE's description of the bug tracked as CVE-2019-8828, "By using a specially crafted application, an attacker could exploit this vulnerability to gain kernel privileges." Like other watchOS errors, this memory corruption vulnerability has a CVSS 3.0 base score of 7.8.

In all watchOS cases, this fix is ​​an upgrade to watchOS 6.1.1.

On Tuesday, Apple also fixed a series of issues with its new versions of iOS and macOS.

The fix includes an item bundled with FaceTime (CVE-2019-8830). According to Apple, the vulnerability could allow malicious videos to be processed through FaceTime, which could lead to arbitrary code execution. The vulnerability was discovered by Natalie Silvanovich of Google Project Zero and is classified as a "out-of-bounds read" vulnerability that can be addressed through improved input validation.

Another bug was fixed in Apple's Live Photos feature (CVE-2019-8857), which affects iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation IOS users. Apple wrote: "Even if live photos are disabled in the share table carousel, live photo audio and video data can be shared via iCloud links."

Are you are looking for iPhone repair service? Then, UkiPhonerepair could be the best choice where you can get quick phone repair service with 12 month warranty on the repair service we offer.

For more details on UK iPhone repair services, visit the website http://ukiphonerepair.co.uk

Total Views: 316Word Count: 646See All articles From Author

Add Comment

Business Articles

1. Unveiling The Material Characteristics Of Plastic Parts
Author: adam.xu

2. Top 5 Beach View Resorts In Chennai For A Memorable Getaway
Author: greenmeadows resort

3. Relationship Counselling Den Haag Brings The Best Chance To Understand Each Other’s Needs!
Author: Angelika Matthias

4. Web Development Company: Guide For Hiring The Best
Author: Sagar Tech

5. Make A Business Website To Get Started Online
Author: Sagar Tech

6. Elevate Your Software Quality With Agile Advisors: Premier Software Testing Consultancy In Dubai, Uae
Author: kohan

7. Affordable Polyester Pleated Mesh From Top Manufacturers
Author: pavitra

8. Empowering Sustainable Development: Agile Advisors As Your Trusted Leed Certification Consultant In Dubai And Uae
Author: kohan

9. Buy Cats Eye Gemstone Online In Ahmedabad
Author: rishabhjains

10. Why Data Destruction And Sanitisation Are Important
Author: Destruction and Sanitisation

11. Stock Market Update: शेयर बाजार में लगातार चौथे हफ्ते बढ़त: क्या तेजी बरकरार रहेगी? जाने इस हफ्ते किन महत्वपूर्ण पहलुओं पर ध्यान देना चाहिए
Author: M Ratlami

12. Perfect Happy New Year Gift For Your Girlfriend Thoughtful Ideas For 2024
Author: MyFlowerTree

13. China Valmax Valve Co., Ltd
Author: China Valmax Valve Co., Ltd.

14. Mastering Clipping Path In Photoshop: A Guide To Precision Editing
Author: Sam

15. Expert Emergency And Cosmetic Dental Care Services For Families And Individuals In St. Louis
Author: Jessica Williams

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: