This article is more than 1 year old
Drive-by Wi-Fi i-Thing attack, oh my!
Don't skip this update
Apple hasn’t provided much detail, but you don’t want to ignore the latest iOS release – 10.3.1 – because it plugs a very nasty Wi-Fi vulnerability.
Cupertino has rushed out the emergency patch because: “An attacker within range may be able to execute arbitrary code on the Wi-Fi chip” – meaning, presumably, that malicious packets gave attackers a vector.
The fix for the bug, which Apple attributes to Gal Beniamini of Google’s Project Zero, was a buffer overflow fixed by better input validation.
The bug affected iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later.
The release of 10.3.1 comes just a week after Apple released 10.3.
9to5Mac notes that while 10.3 left older 32-bit devices off the list, 10.3.1 includes them – indicating how serious Apple views the bug. ®