AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks
ID: 1907e6a8-a4fd-5b73-9dc2-c53a3a7d4cff
STIX ID: report--1907e6a8-a4fd-5b73-9dc2-c53a3a7d4cff
Feed Name: The Hacker News
Researchers disclosed several vulnerabilities impacting AirDrop and Quick Share: three AirDrop/Apple-framework bugs that crash the sharingd service (including a stack overflow in the XML property-list parser affecting multiple Apple OSes) and multiple Quick Share flaws (session-handshake bypasses on Android/Samsung and a use-after-free in Google’s Windows app that could plausibly lead to code execution). Attacks are local (within wireless range or same network); fixes and mitigations are rolling out (Apple has patched one AirDrop bug, Google fixed the Windows bug, and vendors are investigating the rest). Users are advised to avoid the "Everyone" visibility setting and apply updates.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
