HIGHLIGHTS
- The chipset is being used in both Android and iOS devices
- The exploit doesn’t require user interaction to work
- Broadcom Wi-Fi chipset is being used in latest iPhones
Google Project Zero researcher Gal Beniamini revealed on Tuesday that a vulnerability associated with Wi-Fi chipsets developed by Broadcom, currently being used in several Android devices as well as latest iPhone devices, could be exploited by hackers to gain control over the device. Even though both Google and Apple have fixed the vulnerability with April security patch and iOS 10.3.1 update respectively, the devices that have not been updated yet are still vulnerable to this flaw.
In his blog post, Beniamini has explained how the vulnerability can be exploited by the hacker to execute a malicious code on user’s smartphone just by being in the same Wi-Fi range as the targeted device, without a need for user interaction, Ars Technica points out in its report.
Notably, the Wi-Fi chipsets created by Broadcom are being used in Android devices including Nexus 5, Nexus 6, and Nexus 6P, most flagship Samsung devices, and in all iPhone models since iPhone 4.
As Broadcom was notified by Beniamini before posting the vulnerability, the company was able to push out the fix with Google and Apple with their respective updates. However, as Google is yet to make its April security patch available for several devices, a large number of Android devices are still vulnerable to the exploit. Considering that the distribution of updates has been a major issue on Android in comparison with iOS, we would like to request our readers to update their devices as soon as it is made available.
Sоurсе: gadgets.ndtv.com