No software is 100 percent watertight. A serious bug can pop up anytime that will leave your devices vulnerable.
Just like what a Google Project Zero researcher has discovered. Gal Beniamini found a serious security flaw in Wi-Fi chipsets of both iOS and Android systems that allows hackers to invade devices within Wi-Fi range.
'Full Device Takeover By Wi-Fi'
In the two-part blog series about the security flaw, Beniamini explained how this security breach can lead to a "full device takeover by Wi-Fi proximity alone, requiring no user interaction."
The researcher outlined the vulnerability of Broadcom's Wi-Fi system on chip (SoC). Beniamini focused on Broadcom since it is the most common Wi-Fi chipset found in mobile devices. For his research, he used Nexus 5, 6, and 6P phones, Samsung flagship phones, and all iPhones models from iPhone 4 onward.
Beniamini explained that he developed a proof-of-concept exploit to attack the firmware on Broadcom's wireless SoC to cause a stack overflow. A stack overflow is when a computer program tries to use more memory space than what is available, making it vulnerable to crash, for example.
In Beniamini's research, he managed to overwrite specific regions in the memory. While his exploit was harmless, this flaw can be used by an attacker by introducing malicious codes into your device. And all that simply via Wi-Fi.
Broadcom, Apple, Google Respond
Fortunately, there have been no reports of serious digital attacks using the discovered exploit. Nonetheless, the parties concerned jumped into action to fix the flaw.
Broadcom, according to Beniamini, has informed him that "newer versions of the SoC utilise the MPU, along with several additional hardware security mechanisms. Also, Broadcom is considering implementing exploit mitigations in the future.
Apple immediately worked to release a patch to address the security flaw. It released a security content for iOS 10.3.1. The patch note reads:
• Available for: iPhone 5 and later, iPad 4th gen and later, iPod touch 6th gen and later
• Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
• Description: A stack buffer overflow was addressed through improved input validation.
Google hasn't released a security patch for all Android devices. According to a report, the fix is only available to select devices and even that patch may take two weeks or more to be available.