This week Apple released a patch for iOS devices to fix a bug that affects millions of mobile devices, Android released their patch at the beginning of the month. The bug is serious enough to warrant dropping what you are doing right now and install the update. On the US’s National Institute of Standards and Technology severity scale, Broadpwn scored a 9.8 out of 10.
Broadbwn exploits a bug in the Wi-Fi chip made by Broadcom. If your phone is searching for a Wi-Fi signal, which it is likely to do when you are out and about and not connected to a Wi-Fi network, the bug allows someone to take control of your mobile device. The attack does not need your PIN or password to access your information, and you don’t even need to be connected to a Wi-Fi network to be vulnerable, you simply need to be within Wi-Fi range of the attacker.
Now that this exploit is widely known, you can be sure that attackers will utilize it to take advantage of iOS devices that are not currently patched. This is another reason it is so important to update your device as soon as a patch is available to you.
Another way to prevent this particular attack is to turn off the phone’s ability to search for Wi-Fi networks. Not only does it help with the Broadpwn bug, it can help save a bit of battery life too.
Nitay Artenstein, a security researcher at Exodus Intelligence, discovered the exploit and will be providing more details about his findings at a Black Hat presentation in Las Vegas on July 27.