ICS/Lotus (mostly), Linux, Travel, Skiing, Mixology, and Random Musing of Interest

 
Bill Malchisky
 

    Attention Apple Users - Protect Yourself from the AirDrop Exploit

    Bill Malchisky  September 16 2015 10:16:00 AM
    Forbes has one of the best takes on this new vulnerability, particularly as many of the articles I read cite the Forbes piece (linked below). Whether you run OS X or iOS, you are in scope. The issue is that on iOS and OS X an attacker can install apps without permission via AirDrop, which is used as a quick and easy way to send files between two devices. Unfortunately, the exploit bypasses security (including the App Store): the app need not be trusted, and the user is not notified of the installation. Know that even if you reject an inbound transfer, your system can become severely compromised, which is a big part of the problem.

    The exploit exists in iOS 7+ along with OS X 10.10 and is partially, not completely, addressed in iOS 9 and OS X 10.11 (El Capitan). Thus, please be wary of lesser-quality reports that claim the bug is fixed in iOS 9. The easiest workaround is to avoid using AirDrop and keep it disabled; telling users to do this, though, is another matter. If you need or want to use it, just be certain to turn off the feature when you are done. The video below demonstrates just how incredibly easy it is to initiate this attack, so it is best for admins and security officers to alert their team members.

    iOS 8.4.1 AirDrop Exploit Demo video

    "Smarter hackers abusing such a flaw could go deeper into the phone, to the heart of the operating system."
    -- Mark Dowd, Azimuth Security researcher

    Forbes - "One Great Reason To Update To iOS 9 - A Nasty Silent AirDrop Attack Is In Town"

    "To initiate the attack, all a hacker has to do is to send a file via AirPlay to an iOS or OS X user running iOS 7 or later, and Yosemite, respectively. It doesn’t even matter if the recipient accepts the incoming transfer, as the malware attack is initiated."
    -- Ibid.


    © 2010 William Malchisky.