Critical security update on iOS 17.2
Fighting bluetooth threats: Apple fixes critical vulnerabilities with new iOS 17.2 update
The article describes how a recent iOS update fixed major security vulnerabilities related to Safari and the iPhone kernel. It also highlights how hackers exploited weaknesses in the Bluetooth protocol to launch DoS attacks on the device. Finally, we discuss the role of the manufacturers of Flipper Zero, one of the devices used in these attacks, and their condemnation of misuse of the device.
The update to iOS 17.2 led to the resolution of serious vulnerabilities related to the Safari engine, WebKit, and a kernel issue on iPhone, as highlighted by Kate O'Flaherty on Forbes. Such details may not be immediately apparent, as Apple tends not to publicize them widely, but a careful analysis of security updates revealed these important fixes.
Hacking iPhone with a cheap device
Hackers have exploited vulnerabilities in the Bluetooth Low Energy protocol by sending advertising packets that can cause iOS devices to crash. Using a Flipper Zero, an inexpensive but powerful device, modified at the firmware level, it is possible to launch a DoS (Denial of Service) attack within 15 meters of the target, a threat that should not be underestimated despite its limited practical implications.
Apple's response to the Bluetooth attack
Although initially the only defense against these BLE attacks was the use of the iPhone's Extreme Security Mode, Apple has now made a fix with the latest update. While no specific details are provided, the change may involve the implementation of a time-out for advertising package requests, a measure that renders the cyber attackers' aggressive strategy ineffective.
Deal with the responsibility of using Flipper Zero
From the side of the manufacturers of Flipper Zero, there has always been a clear message against the improper use of their devices. Open-source firmware could be manipulated for malicious purposes, but this is explicitly discouraged and not supported by its creators. In the meantime, it is essential that iPhone users update to the new security standards by going into settings and installing iOS 17.2 to protect themselves from these threats.
Follow us on Twitter for more pills like this12/17/2023 13:50
Marco Verro