Security researchers are urging iPhone users to upgrade their operating systems to version 8.3 immediately after discovering a now-fixed vulnerability which could render the handset virtually useless.
The so-called ‘Phantom’ vulnerability forces most apps to crash, causes “sluggish” system performance, and can prevent the phone from rebooting, FireEye researchers wrote in a blog post this week.
CVE-2015-1118 was confirmed by Apple as a memory corruption issue in libnetcore and fixed in the latest version of iOS released on Wednesday.
FireEye said that by configuring iOS’s HTTP proxy to “abnormal values” an attacker could force multiple use-after-free (UAF) issues in dynamic library, libsystem_network.dylib.
There are various ways to do this, the research team explained.
The first would be to install a “configuration profile,” they said:
“An attacker may distribute a malicious profile containing proxy settings to users connected to a given WIFI hotspot. If the attacker has convincing social-engineering skills, a user who doesn’t understand the security risks might proceed to install a malicious profile. The attacker can then modify the victim’s proxy settings to launch Phantom attacks.”
However, this method is unlikely to work as users would receive a warning that it was happening
Another method would be to use a proxy auto-configuration (PAC) file.
“Though widely used by public WIFI providers such as school libraries, a PAC file may be vulnerable to hijacking attacks when deployed through insecure channels such as HTTP. An attacker may hijack the HTTP traffic and modify the PAC file to launch a Phantom attack,” FireEye explained.
“After being attacked, the user cannot use any networking apps which all terminate immediately. The system logs keep showing crash information from various processes. As an attempt to fix the issue, the victim reboots the phone. However, the situation turns out to be even worse, i.e. the phone comes into a coma state that keeps generating crash information and doesn’t respond to user inputs.”
Aside from upgrading iOS immediately, FireEye urged enterprise IT departments to educate iPhone-wielding staff to understand all the warnings that may be flashed up to them on the device.
It also called on public Wi-Fi providers to protect users by enforcing secure deployment of PAC files through HTTPS.