SSL latest vulnerability exposure can be used to attack iOS devices via WiFi

SSL is the latest vulnerability exposure, you can attack iOS devices via WiFi. Recently, Apple equipment has been proven to be able to attack through the wireless network, what is going on? Everybody wants to know why, then look at the following.

Researchers from Skycure said they found that a specially designed SSL certificate could be exploited by an attacker to crash the SSL of any program by regenerating the error. Through validation, the researchers found that the vulnerability could turn into a broader denial of service attack. Although the iOS system has far fewer vulnerabilities than Android, the flaw is unheard of by researchers.

What caused the iOS to leak and even get attacked? In iOS systems, repeated generation of SSL errors can lead to extreme situations in which the system enters a "Bootloop" state, which can occur only within a fixed WiFi network. The device itself cannot get rid of this error loop until it withdraws from the affected wireless network. Such vulnerabilities can cause users to crash, imagining that the iphone and ipad that are sitting at home are collapsing indefinitely, until the battery runs out and even the risk of an account being stolen.

Skycure warns Apple users that the new discovery, combined with a wireless router's vulnerability, could affect a zone to become a "no iOS device" area where Apple devices will collapse indefinitely. Through such a loophole, an app produces an SSL error that is constantly flashing, and the most serious problem of crashing is the Bootloop interface.

Skycure suggests that if you use an Apple device that crashes, disconnect your wireless network and restart your phone. Make sure your Apple device is in the latest version of iOS and avoid connecting to any free WiFi network. In particular, the need to identify fake operators or free wireless networks, our devices are sometimes automatically connected to the operator to provide free WiFi. An attacker could fall into a trap by establishing the same SSID and wireless password as the carrier network.