A new security vulnerability has emerged concerning Apple’s products, dubbed “Airborne” by cybersecurity experts at Oligo. This flaw primarily affects the AirPlay feature prevalent in Apple devices and the AirPlay SDK used by various third-party devices, including televisions, speakers, and receivers.

According to a report by Wired, this vulnerability allows malicious actors to exploit the AirPlay protocol, enabling them to inject malware and seize control of affected devices without any user interaction—this represents a zero-click attack.

Given that AirPlay is a widely utilized protocol for sharing audio and video across Apple devices, it is fortunate that Oligo had already informed Apple of the issues, leading to months of collaborative work to address them.

Mechanism of the Airborne Exploit

This Airborne vulnerability operates exclusively on local networks, meaning the attacker must be in close physical proximity to the target device and connected to the same network—this could be a home network, an office setup, or public Wi-Fi, such as at an airport.

If an attacker is on a local network where AirPlay devices are set to be discoverable, they can execute a zero-click attack, granting them immediate control over the device without any required action from the user. They might also deploy additional types of attacks, like Man-in-the-Middle (MITM) or Denial of Service (DoS) attacks.

On a Mac, this vulnerability allows the intruder to execute harmful code, while on other connected devices like Bluetooth speakers, they could manipulate the audio output or activate the microphone to eavesdrop on conversations. A video demonstration showcases researchers commandeering a Bose speaker due to this security oversight.

Update Your Apple Devices Now

Apple has issued patches for the Airborne vulnerability across its recent software updates. Therefore, users are strongly encouraged to upgrade their iPhones, iPads, Macs, Apple Watches, and Apple Vision Pros to the most recent version available. This can be done by navigating to Settings > General > Software Update on an iPhone or iPad, and System Settings > General > Software Update on a Mac.

Addressing Third-Party Device Vulnerabilities

While Oligo has collaborated closely with Apple to rectify the vulnerabilities within its devices, issues persist with third-party gadgets that utilize the AirPlay protocol, like your television or smart speaker. These devices, numbering in the tens of millions, present a significant risk as the security researchers cannot coordinate fixes with every individual manufacturer.

Though options for securing third-party devices are limited, users should promptly install any firmware updates provided by these devices’ manufacturers.

Protecting Against AirPlay Exploits

While updating your Apple devices is crucial, it might not be the sole requirement for protection. It’s also essential to take steps to decrease the chances of an attack on connected devices.

1. Ensure all third-party devices supporting AirPlay are kept updated.
2. Disable AirPlay when it’s not in use; for instance, on a Mac, navigate to System Settings > AirDrop & Handoff to turn off the AirPlay Receiver.
3. Only stream AirPlay content through devices you trust.
4. Limit access to your AirPlay streaming by setting it to only allow your current user on a Mac. This can be adjusted in Settings > General > AirDrop & Handoff, selecting Current User next to Allow AirPlay For.
5. Above all, refrain from using AirPlay on public networks or unrecognized connections, such as those found in cafes, airports, or hotels.