
Critical security update on iOS 17.2

Fighting Bluetooth threats: Apple fixes critical vulnerabilities with new iOS 17.2 update

The article describes how a recent iOS update fixed major security vulnerabilities related to Safari and the iPhone kernel. It also highlights how hackers exploited weaknesses in the Bluetooth protocol to launch DoS attacks on the device. Finally, we discuss the role of the manufacturers of Flipper Zero, one of the devices used in these attacks, and their condemnation of misuse of the device.

The iOS 17.2 update resolved serious vulnerabilities in WebKit, the Safari engine, and a kernel issue on iPhone, as highlighted by Kate O'Flaherty in Forbes. Such details may not be immediately apparent, as Apple tends not to publicize them widely, but a careful analysis of security updates revealed these important fixes.

Hacking iPhone with a cheap device

Hackers have exploited vulnerabilities in the Bluetooth Low Energy protocol by sending advertising packets that can cause iOS devices to crash. Using a Flipper Zero, an inexpensive but powerful device, modified at the firmware level, it is possible to launch a DoS (Denial of Service) attack within 15 meters of the target, a threat that should not be underestimated despite its limited practical implications.

Apple's response to the Bluetooth attack

Although the only defense against these BLE attacks was initially the iPhone's Extreme Security Mode, Apple has now shipped a fix with the latest update. While no specific details are provided, the change may involve a time-out for advertising packet requests, a measure that renders the attackers' aggressive strategy ineffective.

The responsibility of using Flipper Zero

The manufacturers of Flipper Zero have always sent a clear message against the improper use of their devices. Open-source firmware could be manipulated for malicious purposes, but this is explicitly discouraged and not supported by its creators. In the meantime, it is essential that iPhone users move to the new security standards by going into Settings and installing iOS 17.2 to protect themselves from these threats.


12/17/2023 13:50

Marco Verro
