Flaws in a microchip used widely in Apple and Android mobile devices could be used to remotely hack a device over Wi-Fi.The problems are contained within the firmware of a system on chip made by Broadcom that is used in mobile devices and Wi-Fi routers. The chips are in Google’s flagship Nexus devices, Samsung’s high-end devices and in Apple’s iPhone 4 through later models.Mobile phones increasingly depend on a separate system on chip to deal with the complexities of managing Wi-Fi. The advantage of offloading these tasks to a separate chip – referred to as Wi-Fi FullMAC chips.
Google found a series of vulnerabilities that affect Broadcom’s system-on-chip firmware, which then could allow someone to elevate privileges and get inside the operating system’s kernel.Essentially, the flaws in the firmware can be exploited via Wi-Fi frames to overflow the stack of the system on chip, allowing other code to run in memory.Apple has issued a patch for the flaws, but Android devices remain unprotected.
http://www.bankinfosecurity.com/google-discovery-shows-fragility-mobile-phone-security-a-9816
Leave a Reply
You must be logged in to post a comment.