Apple's broadcast feature allows iPhone And Macbook To keep music seamlessly or display photos and videos on Apple devices or third -party speakers and TVs integrating protocols. Now the new security holes are discovered in AirPlay, which means that similar wireless connections may allow hackers to move in the network so easily, transmitting malicious code from one -infected device to another. Apple products are known for the use of frequent corrections, but rarely some smart home devices are patched, capable of these wireless foothold for malware, on many of hundreds of models that support broadcasting, will exist for many years to come.
On Tuesday, researchers from cybersecurity company Oligo revealed what they called Airborne, a collection of holes affecting Airplay, protocol -based protocols of Apple's exclusive radio for local wireless communication. Error in Apple's AirPlay software development (SDK) for third-party devices will allow hackers to attack devices such as speakers, receivers, Set-top boxes or smart TVs if they are on the same Wi-Fi network with hacker machines. A set of notes will allow hackers to exploit Apple devices that support Airplay, Apple told Oligo, although these errors have been patched in updates in the past few months and Apple told Wired that those errors can only be exploited when users change the default broadcast settings.
Apple devices aside, Oligo's technology director and co -founder, Gal Elbaz, estimated that third -party aircraft support devices are likely to be vulnerable to tens of millions. Because AirPlay is supported in many such devices, there are many things that will take many years to patch or they will never be patched, Elbaz said. And all just because the holes in a software affect everything.
Although Oligo has worked with Apple for months to patch the air in all the affected devices, the security company is based on tel-Avivist warn that the aerial holes in many third-party devices may still be hacked except when users act to update them. If a hacker can access the same Wi-Fi network like those vulnerable devices, whether hacking on another computer on the home network or the company's network or just connecting to the same Coffeeshop or Wi-Fi airport, they can snatch these utilities. From there, they can use this control to maintain a stealthy access point, hack other goals on the network or add machines to the BOT network of infected coordinates under the control of hackers.
Oligo also noted that many vulnerable devices have microphones and can be turned into listening devices for spy. The researchers did not go far to the point of creating malicious software evidence for any specific goal will prove that trick.
Oligo said it warned Apple about the aerial finding in late autumn and winter last year, and Apple responded in months since then by pushing out security updates. The researchers have cooperated with Apple to check and confirm the corrections for Mac and other Apple products.
Apple told Wired that it also created patches available for third -party devices affected. However, the company emphasized that there are limitations for possible attacks on devices that support broadcasting due to errors, because the attacker must be on the same Wi-Fi network as the target to exploit them. Apple adds that, although it is likely that some user data on devices such as TVs and speakers, it is often very limited.