123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Business >> View Article

Apple Fixes "airdos" Vulnerability, Which Paralyzes Nearby Iphones And Ipads

Profile Picture
By Author: Handset Recycle
Total Articles: 271
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Apple fixed a bug that prevented nearby hackers from using the iPad and iPhone.

Apple Corp. on Tuesday fixed a bug in AirDrop, a file exchange feature that made hackers nearby unable to use iPhones and iPads. The vulnerability was found to open the door to a denial-of-service attack where an attacker could use AirDrop shared pop-up notifications to send spam emails to all nearby iPhones and iPads indefinitely.

"This shared pop-up window blocks the user interface, so device owners will not be able to continue doing anything on the device unless it accepts / rejects the pop-up window and the pop-up window will continue to appear. It will also persist, "independent researcher Kishan Bagaria wrote in a post outlining his findings.

Apple fixes were released on Tuesday and include all other fixes for Apple Watch, iOS and macOS Catalina.

Bagaria calls this flaw AirDoS, which is a gameplay of Apple's feature names AirDrop and DoS (denial of service). AirDrop is a feature in iOS and macOS that allows files to be transferred using Wi-Fi or Bluetooth. "When someone uses AirDrop to share content with you, you ...
... see an alert with a preview. You can click to accept or decline," Apple described on its support page.

"This error is still subject to AirDrop receiving settings, which means that if your AirDrop setting is set to" Everyone, "anyone can become an attacker, but if you set it to" Contacts only, "only Someone from your contacts can be an attacker, Bagaria wrote.

Bagaria said that in addition to updating to the latest version of iOS 13.3 to resolve the issue, users can also turn off the AirDrop feature in Settings. To stop active attacks, he suggests having Siri turn off Wi-Fi and Bluetooth radios on your iPad or iPhone.

The researcher said that he reported the bug to Apple in August, and the bug was fixed in the latest iOS update (13.3). The proof-of-concept of the attack has been posted to GitHub, and a video about the ongoing attack is available on YouTube.

After researchers found six serious bugs in the mobile operating system, Apple Watch 6.1.0 users were also urged to update their hardware to the latest 6.1.1 version of watchOS software.

If it is not patched in time, Apple warns attackers that it may cause memory corruption issues on the target Apple Watch and exploits vulnerabilities to gain system or kernel privileges.

According to each Common Vulnerability and Disclosure (CVE) description, the attack complexity of the six vulnerabilities is "low"-meaning that the attack will not be difficult to perform.

According to CVE's description of the bug tracked as CVE-2019-8828, "By using a specially crafted application, an attacker could exploit this vulnerability to gain kernel privileges." Like other watchOS errors, this memory corruption vulnerability has a CVSS 3.0 base score of 7.8.

In all watchOS cases, this fix is ​​an upgrade to watchOS 6.1.1.

On Tuesday, Apple also fixed a series of issues with its new versions of iOS and macOS.

The fix includes an item bundled with FaceTime (CVE-2019-8830). According to Apple, the vulnerability could allow malicious videos to be processed through FaceTime, which could lead to arbitrary code execution. The vulnerability was discovered by Natalie Silvanovich of Google Project Zero and is classified as a "out-of-bounds read" vulnerability that can be addressed through improved input validation.

Another bug was fixed in Apple's Live Photos feature (CVE-2019-8857), which affects iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation IOS users. Apple wrote: "Even if live photos are disabled in the share table carousel, live photo audio and video data can be shared via iCloud links."

Are you are looking for iPhone repair service? Then, UkiPhonerepair could be the best choice where you can get quick phone repair service with 12 month warranty on the repair service we offer.

For more details on UK iPhone repair services, visit the website http://ukiphonerepair.co.uk

Total Views: 306Word Count: 646See All articles From Author

Add Comment

Business Articles

1. How Global Trade Finance Facilitates Cross-border Transactions And Reduces Risk
Author: Riddhi Divan

2. Innovative Uses Of Nickel In Cryogenic And Marine Environments
Author: Online fittings

3. Implementing Predictive Analytics In Your Abm Toolkit
Author: SalesMark Global

4. Comparing The Top 5 Live Commerce Platforms For 2024
Author: Amy Williams

5. Data-driven Precision Marketing For Effective Demand Generation
Author: SalesMark Global

6. Supercharge Your Sales With Optimized Pipeline Velocity
Author: SalesMark Global

7. Best Japan Tour Packages
Author: bharathi

8. Adani Group Stocks Down 20%; Gautam Adani Indicted In Us Over Bribery Charges
Author: Bizzbuzz

9. High-performance Ss Round Bars: Addressing The Energy Sector's Needs
Author: Neelkamal Alloys LLP

10. The Role Of Modern Washroom Solutions In Maintaining Cleanliness
Author: ritika krishna

11. Why Choose Premium Taxi Services In Kochi?
Author: maya

12. Black Magic Astrologer In Kasaragod
Author: Sripandith05

13. The Health Benefits Of Adding Pineapple To Your Pancakes
Author: maya

14. Top Luxury Resorts In Kerala For Your Dream Vacation
Author: maya

15. How To Start Your Shopping Website In Doha: A Simple Guide
Author: maya

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: