In the latest version of iOS Apple has patched dozens of serious security flaws, including the Broadpwn vulnerability in some Broadcom WiFi chips, and a number of remote code execution bugs in various components of the OS.
Not many details of the Broadpwn vulnerability are public yet, but it’s considered a fairly serious issue. Google earlier this month patched the same flaw in Android and security researcher Nitay Artenstein is scheduled to give a talk on it at Black Hat next month. What’s known is that Broadpwn affects a subset of Broadcom chips used in both Android and iPhone models and it allows an attacker to run arbitrary code.
“Meet Broadpwn, a vulnerability in Broadcom’s Wi-Fi chipsets which affects millions of Android and iOS devices, and can be triggered remotely, without user interaction. The Broadcom BCM43xx family of Wi-Fi chips is found in an extraordinarily wide range of mobile devices – from various iPhone models, to HTC, LG, Nexus and practically the full range of Samsung flagship devices,” the abstract for the Black Hat talk by Nitay Artenstein says.
In iOS 10.3.3, released Wednesday, Apple also fixed a large number of serious flaws in the kernel and in WebKit, the framework that underlies Safari. Four separate flaws in the iOS kernel could lead to arbitrary code execution, and several others could allow an app to read restricted memory.
Among the WebKit vulnerabilities Apple patched in this release are more than 15 bugs that can lead to arbitrary code execution. Many of those flaws were discovered by members of Google’s Project Zero research team.