Update Your iPhone or iPad to Patch the AirDoS Bug

Jan 9, 2020|WAMS, Inc.|

If your iPhone or iPad is not running the latest system software, you could fall victim to an attack that could make your device temporarily unusable. Here is what you need to know about the vulnerability behind this attack.

Devices running iOS 13.2, iPadOS 13.2, or earlier versions of these operating systems contain a vulnerability that hackers can use to launch a Denial of Service (DoS) attack.

The Vulnerability and How It Is Exploited

The security researcher who discovered the vulnerability refers to it as “AirDoS” because it can be exploited to launch a DoS attack that involves the AirDrop feature. This built-in feature lets iPhone and iPad users share files (e.g., documents, photos) with each other via a Wi-Fi or Bluetooth connection.

Hackers can exploit this bug to attack all nearby iPhones and iPads that are not patched. In the attack, an AirDrop box pops up, indicating that someone wants to share a file with you. The box gives you the option of accepting or declining the file. No matter which option you choose, the pop-up box immediately reappears. This creates an endless loop that prevents you from being able to use your device. The pop-up box will persist even if you lock and then unlock your device.

What to Do

What should you do if you fall victim to an AirDrop attack? First, try moving out of range. The attack occurs over a Wi-Fi or Bluetooth connection, so the attacker has to be nearby.

If moving out of range is not possible (e.g., you are on an airplane), you can ask Siri to turn off Wi-Fi or Bluetooth. Alternatively, you can lock your device, access the Control Center from the lock screen (assuming this capability is enabled), and turn off AirDrop, Wi-Fi, or Bluetooth from the Control Center.

While stopping an AirDoS attack is possible, it is better to prevent one altogether. The best way is to upgrade your iPhone to iOS 13.3 or your iPad to iPadOS 13.3. This will patch the vulnerability. Before upgrading, though, be sure to back up your device.

To prevent similar attacks in the future, you should also configure AirDrop so that only people in your contacts list can share files with you. You might also consider keeping AirDrop, Wi-Fi, and Bluetooth disabled when not in use.

Related Articles

Want more articles like this sent to your inbox? Be in the know!

In the United States, the four main wireless carriers are rolling out 5G services. Find out what they are offering and how fast their 5G service might be. The race to 5G has started in earnest around the world. In the United States, the four main wireless carriers — AT&T, Sprint, T-Mobile, and Verizon — […]

On January 1st, 2020 the California Consumer Privacy Act (CCPA) went effect for new consumer privacy rights. This empowers consumers with more power against larger businesses selling their data. Is your company affected by this new law, and if so, are you compliant? This new law is designed to protect and educate California consumers in […]

Avatar

WAMS, Inc.

The experts at WAMS, Inc. all have a background in the legal industry and understand the software and the demands that come along with it. That’s why all our clients receive a dedicated account manager and engineer with specific planning that works for your business needs. We didn’t break into the tech world to pinch pennies from clients. We go into every partnership to help their business scale gracefully. Your company growth is our company growth, always.