Tuesday, September 27, 2022

Warning Issued For Millions Of Apple iPhone Users

Recently, iPhone owners worldwide were warned that a seemingly harmless WiFi hack was not only just risky but a tangible threat. And now that threat level is genuine.

image source-Forbes

According to Gordon Kelly, in shocking new research that was shown to him ahead of publication, mobile security specialist ZecOps has found that a serious zero-click flaw was silently spotted in iOS 14.4 (without a CVE). Also, ZecOps research shows that exploiting this vulnerability can be applied to the new iPhone WiFi hack. This changes it from being a relatively harmless denial of service (DoS) threat for both local privilege escalation (LPE) and for remote code execution (RCE) attacks. These attacks are the hacker’s ultimate goal, allowing them to take over your iPhone remotely potentially. And Apple has yet to find a permanent solution.

Also Read: Apple’s New iPhone Feature Is A Long-Term Success. 

ZecOps CEO Zuk Avraham warns, “There’s a new WiFi threat exposed in town. You all have already seen it but didn’t realize the implication. They recently reveal ‘non-dangerous’ WiFi bug is powerful. “While investigating this helplessly, we found another silently patched format-strings vulnerability that allows an attacker to affect an iPhone or iPad running iOS 14.3 or earlier version without any interaction with an attacker. This type of attack has been named 0-click (or zero-click). Exploiting this fault is possible, and the same technique can be implemented to the latest unpatched WiFi error in iOS 14.6.

And now it takes a turn for the adverse. ZecOps notes that in its latest form, a user running the latest version of iOS (14.6) would have to run a WiFi network with crafted characters, particularly in its name (SSID), to be vulnerable, which is likely to increase suspicion and reduce possible attacks. But at the beginning of this month, research by security analysts AirEye disclosed that their research team was able to build the network name in a way that does not expose the user to the weird characters, making it look like a legitimate, existing network name.”

In Apple’s defense, recent betas of iOS 14.7 convey that the company is working to fix this. Still, AirEye CTO Amichai Shulman reveals that these airborne attacks are a “new and yet unnoticed threat vector given their hidden nature, we’re destined to see more such attacks.” 

So what can a user do? Unexpectedly, older iPhones running iOS 12 or earlier are not vulnerable. Still, for other users, Avraham suggests disabling the WiFi Auto-Join Feature on iPhones and iPads (Settings > WiFi > Auto-Join Hotspot > Never). 

Next, you can only wait because Apple is likely to repair this version of the flaw in iOS 14.7, which will release next week. After which, a certain new high stakes game of Whack-a-mole is set to begin between hackers and all the big tech companies as momentum grows around these new forms of airborne attack. 

But after this, you may never look at WiFi hotspots the same way again. 

Please share your ideas and suggestions for us in the comment section.

Trending News: Samsung Galaxy Watch 4: Important Information Revealed In Accidental Leak

News you can’t miss: How To Use FaceTime On Your Windows PC?

Confirmed- Microsoft’s classic computer assistant Clippy might be making a comeback soon.

Categories:

Popular

- Advertisement -

Latest

Related articles

Google Chat- Send Multiple Photos And Videos At Once

0
G Suite is Google's all-in-one software solution, but for a while, the company lacked a...
Starlinks And Apple

Starlinks And Apple: Why They Are In News

0
The Apple iPhone 14 supports satellite data connections. Musk has revealed he has spoken with Apple...
iOS 16 features

Top iOS 16 Features Coming To Your iPhone On September 12th

0
Apple has been launching the beta category of iOS 16 for developers and users to...

Apple Watch 8 Finally Launched With Amazing Features

0
At tonight's Far Out event, Apple introduced two new smartwatches: the Apple Watch Series 8...
Apple Event 2022

Apple Event 2022- All That You Missed

0
This is that time of the year when Apple Event is the talk of the...
- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.