A firmware vulnerability contained in Broadcom wireless chipsets commonly found in iOS and Android devices has been exploited by security researchers, allowing devices to be compromised through the execution of arbitrary code.
In an impressively detailed blog post, Project Zero security researcher, Gal Beniamini, explained that the exploit requires 'no user interaction' so long as the device is within Wi-Fi range. The researcher was able to overwrite specific regions of device memory with arbitrary code by sending Wi-Fi frames which contained irregular values.
Although the researcher only inserted benign code during testing, the researcher explained that attackers would be able to use the same method to insert genuinely malicious code onto a device.
On Monday, Apple released iOS 10.3.1 in response to the vulnerability but Google is only now in the process of preparing a patch as part of its upcoming April security roundup. However, due to the nature of Android updates and the involvement of different hardware vendors, updates will likely see a slower adoption rate due to fragmentation across the platform. Case in point, Nougat only accounted for 2.8% of all Google Play Android devices as of last month despite being released over seven months ago.
To best mitigate the issue for unpatched Android devices, deactivating Wi-Fi appears to be the best course of action. Even then, some Android devices may still be at risk, particularly if Wi-Fi location-based services are activated.
24 Comments - Add comment