Updated
Updated · Boy Genius Report · Jun 30
CISPA Exposes 6 AirDrop, Quick Share Flaws Affecting 5 Billion Devices
Updated
Updated · Boy Genius Report · Jun 30

CISPA Exposes 6 AirDrop, Quick Share Flaws Affecting 5 Billion Devices

3 articles · Updated · Boy Genius Report · Jun 30

Summary

  • Six vulnerabilities in AirDrop and Quick Share expose more than 5 billion iOS, Android, macOS and Windows devices to nearby attacks, with researchers saying a laptop within 10 to 30 meters can trigger them.
  • Three AirDrop flaws target Apple’s sharingd service, where crafted commands can crash the process and knock out AirDrop, AirPlay, Universal Clipboard, Continuity Camera and Handoff.
  • Three Quick Share flaws stem from frames being processed before full key exchange, letting attackers bypass checks, revive sessions with unencrypted data and trigger a use-after-free issue on Windows.
  • Apple and Google were already notified; two fixes have been released and four issues remain under coordinated disclosure pending official patches.
  • Users can reduce exposure now by switching AirDrop and Quick Share from “Everyone” to contacts-only or off, limiting unsolicited nearby connections.

Insights

Five billion devices are at risk due to file-sharing ease. Has our demand for connectivity outpaced our need for security?
As AI helps hackers find flaws in hours, is the security of our personal devices already a losing battle?