Six vulnerabilities in AirDrop and Quick Share expose more than 5 billion iOS, Android, macOS and Windows devices to nearby attacks, with researchers saying a laptop within 10 to 30 meters can trigger them.
Three AirDrop flaws target Apple’s sharingd service, where crafted commands can crash the process and knock out AirDrop, AirPlay, Universal Clipboard, Continuity Camera and Handoff.
Three Quick Share flaws stem from frames being processed before full key exchange, letting attackers bypass checks, revive sessions with unencrypted data and trigger a use-after-free issue on Windows.
Apple and Google were already notified; two fixes have been released and four issues remain under coordinated disclosure pending official patches.
Users can reduce exposure now by switching AirDrop and Quick Share from “Everyone” to contacts-only or off, limiting unsolicited nearby connections.