contador web Skip to content

iOS 13.3 fixes AirDrop bug that allowed crashes on iPhones / iPads

O iOS 13.3 it's the iPadOS 13.3 were released yesterday (along with updates to other Apple operating systems) with some new features such as Communication Limits and security key support. Something, however, may have gone unnoticed: the fix a major bug in AirDrop.

The flaw was discovered by the researcher. Kishan Bagaria in August and immediately shipped Apple; Only now, with everything properly fixed, has it been released. The bug, called AirDoS, allowed a rogue to make an iPhone or iPad completely unusable by sending a huge amount of files through AirDrop after the feature window began to appear on the screen at all times, making use of the device impossible.

The video below exemplifies the attack:

The failure made all iPhones and iPads configured to receive AirDrop files from anyone other than the default setting vulnerable, but could easily be changed by the Control Center. With iOS 13.3, the attack can no longer be reproduced because of a new feature implemented by Apple: Now, by refusing an AirDrop request from the same device three times, that sender is unable to send you more files.

Obviously, the failure did not represent a vulnerability in itself, as it did not provide a way for a rogue to break into a device. Still, it's nice to know that everything is now resolved and one more reason for you to keep your devices up to date whenever possible.

via 9to5Mac