A recently announced iOS flaw allows an attacker to install malware on a target device with AirDrop enabled through a directory traversal attack. How does this threat work? What is the best way to stop directory traversal attacks? And are other mobile file-transfer applications vulnerable to this threat?
Security researcher Mark Dowd discovered a vulnerability in AirDrop that allowed him to install malware on a device. He presented his findings at the Ruxcon 2015 conference in Melbourne, Australia, and demonstrated the vulnerability in a video. The vulnerability is a classic race condition, where permission is required to do something, but the software does not confirm the permission was received before performing the requested action. A directory traversal attack is performed when the attacker takes advantage of this lack of permission validation in AirDrop and uses the feature to access another user's Apple device.
AirDrop is a feature that allows iOS and OS X users to share photos, videos, locations, and other data with nearby Apple devices via Wi-Fi. It sounds like a useful feature, but it also poses the potential risk of granting unauthorized access to someone's Apple device and data. AirDrop is not enabled by default, but when enabled on iOS or OS X, it opens a device to this significant vulnerability. Fortunately, the AirDrop vulnerability has been patched as of October 2015, but directory traversal attacks of this kind are still a threat to enterprises. Apple explained in its iOS 9 security guide that an enterprise can control the AirDrop configurations with a mobile device management tool; an MDM product that can safely configure or disable AirDrop on corporate devices and systems is the best approach for enterprises.
Secure software development practices at Apple appear to be lagging behind the state of software security, according to the Building Security In Maturity Model project. Current best practices for secure software development from BSIMM could be used by software developers to prevent future directory traversal attacks. The Attack Models and Security Features & Design sections from the BSIMM can help identify similar vulnerabilities, and design the necessary security checks to prevent those vulnerabilities.
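The kind of security check described above can be sketched for a generic file-transfer receiver. This is an added example, not Apple's code or code from the original answer; the inbox directory, the `accepted` flag and all function names are assumptions. It writes nothing until the transfer has been accepted and until the sender-supplied name is confirmed to resolve inside the inbox.

```python
import os
import tempfile


class UnsafePathError(ValueError):
    """Raised when a sender-supplied name would land outside the inbox."""


def resolve_in_inbox(inbox, sender_name):
    """Return the absolute path for sender_name, confined to inbox."""
    if "\x00" in sender_name:
        raise UnsafePathError("NUL byte in name")
    root = os.path.realpath(inbox)
    # realpath collapses ".." and follows symlinks, so the comparison below
    # is made on the location a write would actually reach.
    target = os.path.realpath(os.path.join(root, sender_name))
    if target == root or os.path.commonpath([root, target]) != root:
        raise UnsafePathError(f"{sender_name!r} escapes {root}")
    return target


def receive_file(inbox, sender_name, data, accepted):
    """Write data only after acceptance is confirmed and the path is confined."""
    if not accepted:
        raise PermissionError("transfer was not accepted")
    target = resolve_in_inbox(inbox, sender_name)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    # O_EXCL refuses to overwrite; O_NOFOLLOW rejects a symlink as the last component.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


if __name__ == "__main__":
    # Constructed sender-supplied names, not taken from the page.
    inbox = tempfile.mkdtemp()
    for name in ("photo.jpg", "../../Library/x", "/etc/hosts"):
        try:
            print(name, "->", receive_file(inbox, name, b"data", accepted=True))
        except (UnsafePathError, PermissionError) as exc:
            print(name, "rejected:", exc)
```

The resolve-then-open sequence still assumes no other process can modify the inbox between the two steps; a receiver that cannot guarantee that should open the directory first and create the file relative to that descriptor.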