Computer security is one of the most exciting fields in the world of technology and one of the most important areas of our era. For this reason, any case of cyberattack can be a big problem. head for companies and individuals. At the beginning of the year, Apple suffered one although it was somewhat overlooked. The company fixed one of the most serious iPhone vulnerabilities on record. A bug was detected in the kernel of the iOS operating system, known as the “kernel”, that allowed to give remote access to the devices to an attacker through the WiFi network.
The “bug” (vulnerability in computer slang) has been discovered Ian Beer, a researcher at Project Zero, a Google subsidiary, who in an investigation has explained in detail the seriousness of the problem, which has already been solved by the American multinational. The problem is that, if there are a series of conditions such as being in the same connection, a cyber attacker with knowledge could exploit the security hole to take the control of the mobile without having physical access to it and without the interaction of the owner.
This researcher verified that the attack managed to exploit an error known as a “buffer overflow” in an AWDL driver, an Apple proprietary network protocol designed for the operation of the system. Airdrop wireless transfer. Because these drivers reside in the kernel the error gave the opportunity to perform an access by sending information packets through the WiFi network.
«The attack affects or would be able to affect those iPhones that are in a nearby radius and that have the WiFi on, that is, it does not affect all the terminals in the world; you need to have close access to the user », he explains in a telephone conversation with ABC Lorenzo Martinez, IT expert and director of Securízame, who qualifies the vulnerability of a high degree level.
In Martínez’s opinion, the impact is high, but “you have to take into account the conditions that have to be met in order to affect a device in a targeted way.” “If it is someone who has to be in a close range the attack is more difficult to carry out,” he says. Apple fixed the problem by updating the iOS operating system earlier this year. At the moment there is no evidence that exploited by cybercriminals to steal sensitive information.