The Guardian reports, Nitay Artenstein has revealed the security flaw on Thursday at the Black Hat information security conference in Las Vegas. The bug utilizes a few errors in WLAN chips made by Broadcom. The affected chips are found in Apple's iPhone, Samsung Galaxy models and Google Nexus Smartphone. There could be other Smartphone affected.
This vulnerability in the chips is particularly special, interesting and powerful because the security flaw can be completely exploited from afar. The victim gets nothing from the infection, the attacker does not need to know any specific data about the device to be infected. The infection occurs without the device of the victim crashing or a particular app has to be executed. On the Black Hat, he showed as a proof-of-concept a self-programmed "Worm", which fell on its own independently from a Galaxy smartphone.
The only prerequisite for the widening of the bug is that two devices with the security flaw are close to each other. Fortunately, the bug still has a weakness. Currently, it can not skip from the WLAN chip to the software of the smartphone. Attackers can only paralyze the WLAN function of the smartphones. However, the bug could be used in combination with other security flaws to deal significantly more damage.
Therefore, the latest updates released by Apple and Google should close this flaw. For iOS, it is the update 10.3.3, for Android the patch is included in July Security Update.