Critical Bug In iOS & OS X Allows AirDrop To Write Files Anywhere

This isn’t good.

ThreatPost is reporting a bug in iOS and OS X that allows AirDrop, Apple's ad-hoc file transfer system, to write files anywhere on the filesystem of the receiving device. Worse, the recipient doesn't have to accept the incoming transfer for the damage to be done. Here are the details:

The vulnerability lies in a library in both iOS and OS X, and Mark Dowd, the security researcher who discovered it, said he’s been able to exploit the flaw over AirDrop, the feature in OS X and iOS that enables users to send files directly to other devices. If a user has AirDrop set to allow connections from anyone—not just her contacts—an attacker could exploit the vulnerability on a default locked iOS device.

In fact, an attacker can exploit the vulnerability even if the victim doesn’t agree to accept the file sent over AirDrop.

Dowd, founder and director of Azimuth Security, was able to use the vulnerability, along with some other tactics, to bypass the code-signing protections on iOS. To do this, he used his own Apple enterprise certificate to create a profile for his test app that allowed the app to run on any device. Under normal circumstances, when the app is first installed on a new device, the device would throw up a dialog asking the user if she trusts the app. However, Dowd is able to suppress this prompt by installing an enterprise provisioning profile on the device and marking it as trusted.
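The report above describes the result (a transfer that lands anywhere on the receiving device's filesystem) but not the mechanism, and nothing here reproduces Dowd's bug or Apple's code. What follows is an added example, written for this post, of the generic check any file-transfer receiver needs: the sender controls the file name, so the receiver must confirm the final destination stays inside its receive directory before opening the file. The function names, the receive directory and the sample names are my own assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Decide, purely lexically, whether a sender-supplied relative name stays
 * inside the receive directory once "." and ".." components are resolved.
 * Returns 1 when it does, 0 when it is absolute, empty, names only the
 * directory itself, or climbs above it at any point ("a/../../x"). */
int stays_inside(const char *relative)
{
    if (relative == NULL || relative[0] == '\0' || relative[0] == '/')
        return 0;

    int depth = 0;                 /* how many real components we are below base */
    const char *p = relative;
    while (*p) {
        const char *start = p;
        while (*p && *p != '/')
            p++;
        size_t len = (size_t)(p - start);

        if (len == 0 || (len == 1 && start[0] == '.')) {
            /* "a//b" or "a/./b": no change in depth */
        } else if (len == 2 && start[0] == '.' && start[1] == '.') {
            if (depth == 0)
                return 0;          /* would leave the receive directory */
            depth--;
        } else {
            depth++;
        }
        if (*p == '/')
            p++;
    }
    return depth > 0;              /* must name at least one real component */
}

/* Build "<base>/<relative>" into out only if the name passed the check.
 * Returns 1 on success, 0 if the name is unsafe or the buffer is too small. */
int build_dest(const char *base, const char *relative, char *out, size_t outlen)
{
    if (!stays_inside(relative))
        return 0;
    int n = snprintf(out, outlen, "%s/%s", base, relative);
    return n > 0 && (size_t)n < outlen;
}

int main(void)
{
    /* Constructed sample names: the kind of thing a sender could put in a
     * transfer manifest. "~/Downloads" is an assumed receive directory. */
    const char *samples[] = {
        "photo.jpg",
        "album/photo.jpg",
        "album/../photo.jpg",
        "../../Library/Preferences/evil.plist",
        "/etc/passwd",
        "..",
    };
    char dest[512];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (build_dest("~/Downloads", samples[i], dest, sizeof dest))
            printf("accept  %-40s -> %s\n", samples[i], dest);
        else
            printf("reject  %s\n", samples[i]);
    }
    return 0;
}
```

The lexical check is necessary but not sufficient on a real system: a symlink already sitting inside the receive directory can still redirect the write elsewhere, so a production receiver should additionally open the final path with O_NOFOLLOW (or compare its realpath against the receive directory) and refuse to overwrite existing files.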

Lovely. This attack is apparently mitigated, but not fixed, in iOS 9, which is due to ship shortly, and there is apparently no fix for OS X at present.

My suggestion: turn off AirDrop and only turn it on when you need it. That should provide some degree of protection. If you can't live without it, note that the ThreatPost report says the attack against a locked iOS device depends on AirDrop being set to accept connections from everyone, so at the very least switch it to "Contacts Only". Turning it off should also save a little battery, since the device isn't constantly scanning for devices it could AirDrop to. In the meantime, let's hope that Apple comes out with a real fix sooner rather than later.
