Known as “AirBorne”, the flaws expose Apple users to cyberattacks even in common public spaces such as cafés, airports and offices
A set of security vulnerabilities uncovered in Apple’s AirPlay feature could allow hackers to infiltrate devices on the same Wi-Fi network, potentially spreading malware and stealing data across a wide range of smart-home technology.
Known as “AirBorne”, the flaws expose Apple users to cyberattacks even in common public spaces such as cafés, airports and offices, according to reports from the New York Post. Once connected to the same network, attackers could use the weaknesses to deploy malicious software, access private information or even listen in on conversations.
The vulnerabilities – 23 in total – were found in the underlying AirPlay protocol and software development kit (SDK) used to stream music, photos and video between Apple devices and third-party products such as smart TVs, speakers and car systems. While Apple has issued patches for its devices, many third-party manufacturers are yet to release fixes, potentially leaving millions of gadgets exposed.
“Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch – or they will never be patched,” Gal Elbaz, chief technology officer and cofounder of Israeli cybersecurity firm Oligo, told Wired. “And it’s all because of vulnerabilities in one piece of software that affects everything.”
Security experts are advising users to update all devices connected to AirPlay and to disable the feature when not in use. Devices that do not receive regular firmware updates – a common issue in the fragmented smart-home market – may remain at risk indefinitely.
