In what could potentially open gateways to users data on smartphones, a security researcher has discovered a serious vulnerability that compromises the Wi-Fi chipsets used in both iOS and Android devices. Gal Beniamini, who works for Google s Project Zero, warns that the security exploit can allow a malicious hacker to potentially execute arbitrary code on the target over a shared Wi-Fi network. Also Read - Apple iPhone 12 was the best selling smartphone in January: CounterpointAlso Read - Google workers ask Alphabet CEO to stop protecting harassers
The proof-of-concept attack, as detailed in Beniamini s blog, narrates how criminals could o a full device takeover simply by Wi-Fi proximity, without any user interaction. As a report on BGR US, Apple has fixed the vulnerability with the release of its iOS 10.3.1 update that was launched earlier this week. However, it being in the knowledge of a Google researcher, the security patch is not available widely to all Android users. ALSO READ: Whatsapp, Telegram end-to-end encryption vulnerable to hacking Also Read - DuckDuckGo asks people to block Google's new tracking method
As a media report notes, the security patch for Android users is available only on a select number of models and it could take over a couple of weeks before eligible device owners receive the update over-the-air. It is worth mentioning that the Wi-Fi chipset bug impacts all iPhones models since the iPhone 4s, a range of Nexus and Samsung s Galaxy smartphones.
Whether you are an Android user or an iOS device owner, it is always in best interest to keep your device OS updated at all times. You could also follow our video on how to update your smartphone to the latest available software in simple steps. ALSO READ: Digital bounty: A conversation with Anand Prakash who s won crores for reporting bugs
Talking about using a public Wi-Fi or internet over a shared network; it is recommended that you keep browsing limited to generic websites which do not require you to fill in your personal details, passwords, etc. This is to ensure that any vulnerability, be it from the network s end or on your own device, does not end up compromising your personal data. Additionally, if you do happen to use a lot of shared networks for personal or professional use, you could consider changing your passwords across platforms periodically to thwart any hacking threats.