iOS 9 Fixes Crucial AirDrop Vulnerability
According to a report by Threatpost, a recently discovered vulnerability in a library in iOS, which allowed hackers to overwrite arbitrary files on a target device via AirDrop, has already been fixed by Apple in iOS 9. Dowd, founder and director of Azimuth Security, reported the vulnerability to Apple after successfully using the bug, along with some other tactics, to bypass the code-signing protections on iOS.
The vulnerability allowed an attacker to execute a “directory traversal attack”, which would enable him to write files to any location he chooses on the file system. Worst of all, an attacker could exploit the vulnerability even if the victim did not agree to accept the file sent over AirDrop.
“When you send a package via AirDrop, it comes up with a notification on the target phone asking the user if they want to accept the package. The user has to unlock the phone to accept or decline it. It does NOT matter whether they accept it or not to trigger this bug – the exploit has already happened by the time the notification is sent to the user,” Dowd said via email.
The security researcher also highlighted that, unlike many other bugs in iOS and OS X, the vulnerability does not rely on memory corruption in order to work and has been “completely reliable in practice”.
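The check that closes this class of directory traversal, as an added example: it is not code from Apple, Dowd or the report, and the article does not describe the affected library's internals. The function names, the `inbox` directory and the sample package are assumptions constructed for illustration, and the example goes beyond the article by also rejecting absolute paths and symlinks that lead outside the destination.

```python
import os
import tempfile


def resolve_inside(base_dir, entry_name):
    """Map a sender-supplied entry name to a path under base_dir or raise ValueError."""
    base = os.path.realpath(base_dir)
    if os.path.isabs(entry_name):
        raise ValueError(f"absolute path rejected: {entry_name!r}")
    # realpath collapses ".." segments and follows symlinks already on disk,
    # so the comparison is made on the location that would really be written.
    target = os.path.realpath(os.path.join(base, entry_name))
    if target == base or os.path.commonpath([base, target]) != base:
        raise ValueError(f"entry escapes destination: {entry_name!r}")
    return target


def unpack(entries, base_dir):
    """Validate every entry name first, then write; one bad name rejects the package."""
    planned = [(resolve_inside(base_dir, name), data) for name, data in entries.items()]
    written = []
    for path, data in planned:
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
        written.append(path)
    return written


def demo():
    # Constructed sample package: one ordinary entry and one traversal entry.
    package = {"photos/cat.jpg": b"ok", "../../outside.txt": b"x"}
    with tempfile.TemporaryDirectory() as root:
        inbox = os.path.join(root, "inbox")  # hypothetical receive directory
        os.makedirs(inbox)
        try:
            unpack(package, inbox)
            rejected = False
        except ValueError:
            rejected = True
        return rejected, os.listdir(inbox)


if __name__ == "__main__":
    print(demo())
```

The check and the write are separate steps, so the example assumes no other process can modify the destination directory between them.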