Dubbed Broadpwn, the vulnerability was found by Exodus Intelligence researcher Nitay Artenstein.
Meet Broadpwn, a vulnerability in Broadcom's Wi-Fi chipsets which affects millions of Android and iOS devices, and can be triggered remotely, without user interaction. The Broadcom BCM43xx family of Wi-Fi chips is found in an extraordinarily wide range of mobile devices - from various iPhone models, to HTC, LG, Nexus and practically the full range of Samsung flagship devices.
At Blackhat USA 2017 (July 22-24), Artenstein will explain how the bug was found and exploited to achieve full code execution and how they went on to leverage control of the Wi-Fi chip in order to run code in the main application processor.
Here's the security note detailing Apple's Broadpwn fix...
● Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation
● Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
● Description: A memory corruption issue was addressed with improved memory handling.
● CVE-2017-9417: Nitay Artenstein of Exodus Intelligence
You can download the new iOS 10.3.3 firmware directly using the links below:
● Where to Download iPhone Firmware From
● Where to Download iPad Firmware From
● Where to Download iPod touch Firmware From
Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.