projetss4iutv Index du Forum

projetss4iutv
Forum pour regrouper les informations des différents membres de l'equipe pour les projets de l'iut

 FAQFAQ   RechercherRechercher   MembresMembres   GroupesGroupes   S’enregistrerS’enregistrer 
 ProfilProfil   Se connecter pour vérifier ses messages privésSe connecter pour vérifier ses messages privés   ConnexionConnexion 

Project Zero uncovers a nasty Wi-Fi chip exploit

 
Poster un nouveau sujet   Répondre au sujet    projetss4iutv Index du Forum -> projets S4
Sujet précédent :: Sujet suivant  
Auteur Message
markblake


Hors ligne

Inscrit le: 13 Juin 2017
Messages: 520

MessagePosté le: Sam 8 Juil - 10:52 (2017)    Sujet du message: Project Zero uncovers a nasty Wi-Fi chip exploit Répondre en citant

Google’s Project Zero has been on a roll lately, unveiling sophisticated bugs in Cloudflare, LastPass and now Broadcom, a Wi-Fi chip supplier whose product is found in iPhones, Nexuses and Samsung devices.

Apple patched the bug in a security update yesterday (10.3.1 — and if you’re an Apple customer, you should install this update right away) and Project Zero researcher Gal Beniamini explained the exploit in detail in a blog post today.

“An attacker within range may be able to execute arbitrary code on the Wi-Fi chip,” Apple said in its security update notes. This is not good! It is quite bad, product showcase video in fact, and that might explain why Apple pushed out 10.3.1 so quickly (10.3 was released only a week ago). Apple and Google declined to comment.

By chaining together a series of exploits on the Broadcom chip, Beniamini was able to demonstrate a “full device takeover by Wi-Fi proximity alone, requiring no user interaction.” This means an attacker on a shared Wi-Fi network could quietly compromise your device without ever tipping you off.

Beniamini demonstrated his research on a Nexus 6P, which might account for the equivocating “may be able” in Apple’s security update. Broadcom’s chips are widely used in the mobile phone industry, so the issue extends beyond Apple into other manufacturers, as well.

“Broadcom has been incredibly responsive and helpful, both in fixing the vulnerabilities and making the fixes available to affected vendors. For a complete timeline, see the bug tracker entries,” Beniamini wrote.

Expect more disclosures from Beniamini — the researcher promised to divulge more about the vulnerability soon.


Revenir en haut
Publicité






MessagePosté le: Sam 8 Juil - 10:52 (2017)    Sujet du message: Publicité

PublicitéSupprimer les publicités ?
Revenir en haut
Montrer les messages depuis:   
Poster un nouveau sujet   Répondre au sujet    projetss4iutv Index du Forum -> projets S4 Toutes les heures sont au format GMT + 1 Heure
Page 1 sur 1

 
Sauter vers:  

Index | Panneau d’administration | creer un forum | Forum gratuit d’entraide | Annuaire des forums gratuits | Signaler une violation | Conditions générales d'utilisation
Powered by phpBB © 2001, 2005 phpBB Group
Traduction par : phpBB-fr.com