Apple Releases iOS 9; Fixes Security Bugs
Thursday, September 17, 2015 @ 04:09 PM gHale
Apple released iOS 9 that adds improved security and privacy features and makes fixes for vulnerabilities.
One of the issues is a vulnerability attackers can exploit by installing malicious apps on a target’s iPhone or Mac via the AirDrop file-sharing feature, without the target’s permission (i.e. without the target accepting the AirDrop request).
This is possible because Apple permits apps signed with Apple enterprise certificates — usually granted to companies so they can seamlessly “sideload” software to their employees’ devices — to be installed from sources other than the App Store. These certificates are occasionally stolen and misused by malware peddlers.
The problem was discovered last month by Mark Dowd, security researcher and founder and director of Azimuth Security, who notified Apple about it immediately.
To leverage the vulnerability, an attacker needs to be within Bluetooth range of a target who has AirDrop (and thus Bluetooth) enabled. If he or she has temporary physical access to the target’s iPhone, AirDrop can easily be turned on via the lock screen.
The new iOS version plugged the hole temporarily by implementing a sandbox around AirDrop, so attackers can’t write files to arbitrary locations on the phone via that service.
A more permanent fix is coming, and until then Dowd will not release any more information about the vulnerability.
Apple said iPhone users should update to iOS 9 as soon as possible and OS X users can upgrade to version 10.11 when the company releases it later this month. Turning off AirDrop until then is a temporary and imperfect mitigation, but a user should do it, officials said.