Apple users should immediately check whether their AirPlay-compatible devices are on the latest software stand. On Tuesday, security researchers mentioned the first details of several, serious weaknesses in the AirPlay protocol. These “Airborne” gaps can allow attackers to compromise AirPlay-enabled devices-if they are in the same WLAN as the security company Oligo warns. For Apple devices such as iPhones, iPads and Macs, updates have been updates since the end of January to close the gaps. According to the manufacturer, these are also removed from iOS 18.3 and MacOS 15.3, and Apple also released for older operating systems and devices.
Updates for iOS and MacOS are already available
On Apple devices, the AirPlay weak points were only used if users have changed the standard settings, emphasized the company to the magazine WIRED. No further details were given there: Probably it is about changes in “Settings> General> AirPlay & Integration”. Users who have released their device as an AirPlay receiver should check whether this is limited to their own Apple account (“allow AirPlay for: current user account”) and not “for everyone”.
While iPhones & Co can be easily patched and many users usually record the Apple updates quickly, other AirPlay devices remain a problem. The number of AirPlay-capable equipment from various manufacturers, including speakers and television, is probably in the double-digit million range, according to the security researchers. Until everything is patched here, it may take years – and some hardware will remain vulnerable. As long as an attacker manages to get into the respective WiFi, he could take on such airplay devices and use, for example, for further attacks. Since microphones are sometimes integrated in such accessories, eavesdropping are at least conceivable.
Specifically, the security researchers demonstrated an attack on an AirPlay-capable Bose speaker: an Airborne image replaced the Bose logo. Apple emphasized WIRED that there are usually only limited user data on smart home devices that could be affected.
Patches for Apple’s AirPlay-SDK
Apple also has for his AirPlay-SDK provided a corresponding patch – as well as for CarPlay. The infotainment system in the car is also vulnerable to the gaps, says Oligo, but the attacker must first connect to the on -board system. Other manufacturers must now also integrate the patches and ultimately remember to update their speakers and other networked AirPlay equipment.
Discover more from Apple News
Subscribe to get the latest posts sent to your email.