STE WILLIAMS

Apple hasn’t provided much detail, but you don’t want to ignore the latest iOS release – 10.3.1 – because it plugs a very nasty Wi-Fi vulnerability.

Cupertino has rushed out the emergency patch because: “An attacker within range may be able to execute arbitrary code on the Wi-Fi chip” – meaning, presumably, that malicious packets gave attackers a vector.

The fix for the bug, which Apple attributes to Gal Beniamini of Google’s Project Zero, was a buffer overflow fixed by better input validation.

The bug affected iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later.

The release of 10.3.1 comes just a week after Apple released 10.3.

9to5Mac notes that while 10.3 left older 32-bit devices off the list, 10.3.1 includes them – indicating how serious Apple views the bug. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/04/03/driveby_wifi_ithing_fix/