Today, Google Project 0 disclosed a powerful WiFi chip exploit that takes advantage of a buffer overflow vulnerability in the Broadcom chip present on some Apple devices. Apple has confirmed and patched the vulnerability in iOS 11. You can find the iOS 11 security content page, where Apple claims to have fixed the vulnerabilities pointed out by Gal Beniamini of Google Project 0.
The vulnerability is a pretty serious one, and all 64-bit devices seem to be affected, judging by Apple's security content page, where they claim the vulnerability was present on iPhone 5S and newer, iPad Air and later, and iPod touch 6th generation. According to Apple, "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip".
In detail, an attacker within range who has access to your MAC address can take advantage of the vulnerability and run arbitrary code on your WiFi chip. Considering that your MAC address is broadcast as part of normal networking, the vulnerability is a pretty serious one, especially since a lot of people connect to unsecured WiFi hotspots, such as Internet cafes, coffee shops and public WiFi. Your MAC address is usually sent only to the gateways in your network, but once you're on a public WiFi, it becomes accessible to that specific gateway, and god knows who is operating it.
According to Beniamini, he was able to use this exploit to create a backdoor on the WiFi chip to read and write data to and from it. Although he tested on iOS 10.2, he believes iOS 10.x versions up to 10.3.3 are affected.
Since the exploit has been fixed in iOS 11, I advise anyone who is not waiting for a jailbreak to update to iOS 11. It might be a bit buggier, but this WiFi exploit is pretty serious, and I am pretty sure it is hard to tell when someone uses this on your device.
As for those who are patiently waiting on iOS 10.x for a jailbreak, pay attention to what you install and access, and don't ever connect to untrusted networks, especially those in coffee shops.
▽ Resources ▽
▶ Google Project 0's Exploit
▶ iOS 11 Security Content