Recently, Apple has released a security patch for iOS devices. Among the 47 data security vulnerabilities it addresses, it also patches the infamous ‘Broadpwn’ Wi-Fi hack, so your device is no longer vulnerable to it. iPhone and iPad users are encouraged to update their devices right away.
Basically, the ‘Broadpwn’ hack can be used to compromise iPhones and iPads in Wi-Fi range. In technical terms, the attack is executed by targeting the Wi-Fi chip found in these devices, a comparatively softer target than trying to break into the operating system itself.
The update, otherwise known as 10.3.3, is strictly a maintenance/security update. It also fixes some iOS kernel bugs, Safari, and WebKit, its browser engine. Otherwise, it offers little in terms of new functionality.
This month, Google addressed the same issue when releasing Android updates. According to Nitay Artenstein, a security researcher from Exodus Intelligence, the bug affects the Nexus series of phones, as well as LG devices, and almost all Samsung flagships.
In April, Apple patched a similar bug discovered by Project Zero.
The Broadpwn bug is not iOS specific, since it also affects devices running MacOS, Apple Watch, and Apple TV. Fortunately, Apple has already fixed the issues in its MacOS Sierra 10.12.6 update, and previously released the needed updates for its TV’s and watches.
If you’re wondering how the hack works in detail, Artenstein will be attending the Black Hat conference in August, where he will explain how to go from controlling the Wi-Fi chip to breaking into the main OS.