Apple quietly patches Flipper Zero exploit crashing iPhones


iPhones can no longer be forced to crash with Flipper Zero tools, after an iOS 17.2 software update appears to have quashed the vulnerability. The patch was first reported by ZDNet, and later confirmed by 9to5Mac in further tests. For those unfamiliar, the Flipper Zero device is a pen-testing tool that can be as harmless or harmful as you make it. The tool won’t do any damage out of the box, but it can be used for nefarious purposes, which is why Amazon banned it earlier this year. After loading it up with third-party software, you can do a lot with the Flipper Zero, including, until a few days ago, disrupting iPhone users.

The Flipper Zero exploit was more of a prank than an actual security vulnerability, but it’s easy to see why Apple wanted the issue fixed for good. With the testing device, someone could use Bluetooth to send seemingly endless connection notifications to a nearby iPhone. This extreme number of connection requests would lock up an iPhone, causing it to crash. Essentially, it’s a simple denial-of-service (DoS) attack that overwhelms iOS with so many notifications that it forces a reboot. Though it’s basically harmless, it can be extremely frustrating to be on the wrong end of. And if you needed your smartphone in an emergency, this DoS attack would have higher stakes.

Now, iPhone users won’t have to worry, as long as they’ve updated to iOS 17.2. Apple seeded the update on Dec. 12, so most users should already have the update by now. However, you can check to make sure your iPhone is up to date by heading to Settings > General > Software Update. The fix did take a while, since the Flipper Zero attack was first discovered in September.

Can the Flipper Zero still bother iPhone users?

Although the crashes and forced reboots are no longer an issue, the underlying vulnerability is still somewhat present. The Flipper Zero testing tool can send a few Bluetooth connection notifications to nearby iPhones, but not enough to send them into a loop. So, the Flipper Zero can be used to annoy people, but it won’t perform a DoS attack anymore. To be fair, there’s nothing more Apple can do to prevent Flipper Zero from connecting without also blocking valid Bluetooth devices.

Part of the reason the Flipper Zero is so effective is that it can be used at range. The pen-testing tool can interact with devices from 30 to 50 feet away, which is quite a bit of distance. If you’re in a big crowd, it would be hard to figure out who is messing with your devices. Luckily, that isn’t a worry for iOS 17.2 users anymore.
