Network Security, Patch/Configuration Management, Vulnerability Management

Apple’s iOS 10.3.1 update patched Wifi code execution flaw


Days after releasing the iOS 10.3 patch, Apple has released a new patch, iOS 10.3.1, to correct a code execution flaw that could be exploited via Wi-Fi.

The bug was spotted by Google's Project Zero Team and would allow an attacker within range of a vulnerable device to exploit a stack buffer overflow flaw in iOS and would allow arbitrary code execution on the Wi-Fi, Apple said in the April 3 release.

The flaw affects the chips built into iPhone 5, iPad 4th generation and iPod Touch 6th generation and later devices. Apple said it addressed the stack buffer overflow through improved input validation.

Apple released the iOS 10.3 update which contained patches for 70 vulnerabilities, 18 of which could have been exploited remotely, on March 28.

A beta version of iOS 10.3.2 was also released last week and experts say it will likely go through a few more patches before its mainstream release. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.