apple-ssl-vulnerability

There’s been a serious iOS vulnerability uncovered recently by security research company, Skycure that you should know about.

This bug is exploited by means of just a WiFi connection and will put your iOS device into a never-ending bootloop for as long as you are in range of the malicious WiFi connection. -nice going, Apple-

“It puts the victim’s device in an unusable state for as long as the attack impacts a device. Even if victims understand that the attack comes from a Wi-Fi network, they can’t disable the Wi-Fi interface in the repeated restart state.” -Skycure

Attackers can fairly easily weaponize a WiFi network through use of a modified SSH certificate which, when your iOS device attempts to parse it, starts the bootloop.

So, the only way that iOS device owners would be able to stop the bootloop would be to get out of range of the malicios WiFi network.

How To Protect Against The No iOS Zone

Below, you’ll find the advise that the original discoveres of the vulnerability have given for avoiding the problem alltogether.

1. In general, everyone should be avoiding connecting to any suspicious “FREE” Wi-Fi network.

2. Update your iOS device to 8.1.3, as the attack is sometimes not as effective on this version.

3. If you are able to get to the WiFi settings toggle before the next crash, try to disconnect from the WiFi network or just turn your phone to airplane mode altogether.

Ultimately Apple are the ones that need to come up with a fix quickly, and as of the time of this posting, they have yet to disclose when this will be patched.

6 Shares
+15
Tweet
Share1
Share