WifiDemon Zero-Click iOS Vulnerability: Zimperium Customers Are Protected

On July 17, 2021, the world became aware of WifiDemon, a critical zero-touch remote-code execution vulnerability impacting iOS devices. Research conducted and published by the ZecOps Mobile EDR team has proven that what was thought to be a network crash bug is in actuality a security risk for iOS devices. Variations of the vulnerability impact iOS 14.0 to 14.6, meaning even the newest versions of iOS are still at risk until Apple releases a patch and update.

The research team at ZecOps is reporting that the network crash issue is actually an unpatched zero-day vulnerability enabling attackers to remotely execute code on the victim’s phone or tablet without any interaction or notification for the end-user. While the zero-click component of the vulnerability was patched with iOS 14.4, newer versions of the mobile OS are still at risk to the zero-day remote code execution vulnerability.

The Zimperium team has verified the ZecOps research data and has verified that devices running Zimperium zIPS on iOS customers are protected against this zero-touch, zero-day vulnerability. No further action is necessary for Zimperium customers against this risk.

About Zimperium

Zimperium, the global leader in mobile security, offers the only real-time, on-device, machine learning-based protection against Android, iOS, and Chromebook threats. Powered by z9, Zimperium provides protection against device, network, phishing, and malicious app attacks. For more information or to schedule a demo, contact us today.

The post WifiDemon Zero-Click iOS Vulnerability: Zimperium Customers Are Protected appeared first on Zimperium Mobile Security Blog.

%post_title%

Source

Related Articles

New Advanced Android Malware Posing as “System Update”

Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious app. The new malware disguises … Read More

The post New Advanced Android Malware Posing as “System Update” appeared first on Zimperium Mobile Security Blog.

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally

Research and writeup by Aazim Yaswant and Nipun Gupta With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals targeting these endpoints for financial crimes. Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and […]

The post GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally appeared first on Zimperium Mobile Security Blog.

5 Steps to Stronger K-12 Chromebook Security

As a second installment related to October’s Cybersecurity Awareness Month, we wanted to highlight the fact that we’re two months into the new school year and focus on the mobile security implications of both the hybrid and in-person models that educational institutions are grappling with protecting.  While so many educators, […]

The post 5 Steps to Stronger K-12 Chromebook Security appeared first on Zimperium Mobile Security Blog.

Top 4 Threats to O365 on Mobile Devices (and How to Stop Them)

Enterprises are continuing to work remotely and use BYO mobile devices. Doing so enables cost savings from a corporate standpoint and better user satisfaction from an employee standpoint. It also introduces and keeps Microsoft’s O365 as a mainstay.  I recently hosted a webinar with our very own Kern Smith, Vice President of Solution Engineering, on … Read More

The post Top 4 Threats to O365 on Mobile Devices (and How to Stop Them) appeared first on Zimperium Mobile Security Blog.