The iOS 10.3.1 update that came out earlier this week might have seemed like “just another security and bug fix update”, but the security notes issued for the update provide a reason why every owner of an iOS device running 10.3 should install the new update as soon as possible.
The update patches a vulnerability discovered and documented by Gal Beniamini of Google Project Zero in which “an attacker within range may be able to execute arbitrary code on the Wi-Fi chip”. This vulnerability takes advantage of a bug in the code in Broadcom’s Wi-Fi stack, which Apple and other manufacturers use in mobile devices.
Craig Young of cyber security firm Tripwire’s Vulnerability and Exposures Research Team suggests that anyone with a device with an affected Broadcom chip — including the iPhone 4 and newer, all iPads and all iPod touch devices — should disable Wi-Fi in public spaces until a fix is applied through an iOS update.
Apple made iOS 10.3.1 available to 32-bit devices that were not included in the original iOS 10.3 rollout, so it appears that the company is taking the vulnerability quite seriously. The patch can be installed on iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later. It’s available through over-the-air updates in Settings > Software Update.