The researchers presented the vulnerability at the RSA security conference in San Francisco today. The bug affects iOS 8 and takes advantage of the bug in it by manipulating the SSL certificates sent to the iPhone or iPad and making them crash or putting them in a constant restart loop. The SSL certificates are used by all apps on iOS and the iOS itself the authenticate and run. If you thought that not connecting to random Wi-Fi hotspots wont land you in trouble with the above vulnerability, the security researchers have combined the SSL certificate flaw with an older exploit called WiFiGate. After combining the two vulnerabilities, they found that iOS devices are pre-programmed by the carrier to automatically connect to certain networks. For example, AT&T customers will auto-connect to any network called ‘attwifi’. So there’s no way to prevent your phone from doing this other than turning the Wi-Fi completely off unless you are in a trusted zone. The Skycure team during the presentation, created a Wi-Fi hotspot using the two vulnerabilities, which made any iPhone and iPad in the vicinity connect to it and crash or go into a bootloop. Once the iPhone or iPad homed in on to the corrupt Wi-Fi hotspot there is not possibility for the user to recover or to turn of the Wi-Fi because the iPhone/iPad is in a continuous bootloop.
Skycure said that they were working with Apple for a fix to the iOS operating system and they are not sure whether Apple’s latest version, iOS 8.3 may have fixed the issue, and till such time they havent disclosed the Proof of Concept. They stated that iPhone and iPad users can avoid this vulnerability by using following ways :
