ZipperDown Vulnerability: 100 Million iOS Users (Not Using Zimperium) at Risk of Exploit


Last Monday, security researchers from the iOS jailbreak firm Pangu Lab announced a vulnerability that they believe affects around 10% of all iOS apps. In a blog post on its newly created information site, https://zipperdown.org/, Pangu stated that its researchers noticed “a common programming error, which leads to severe consequences such as data overwritten and even code execution in the context of affected Apps.” Pangu calculated that the affected apps may expose 100 million users or more. To avoid leaking the details of the programming error, Pangu named it “ZipperDown”.

What follows is a brief description of the vulnerability (as it is known today), and then a description of how zIPS (powered by the most effective and complete mobile machine learning engine in the world, z9) detects exploitation attempts on the device. The end result is that zIPS users are safe without any updates.

Preliminary ZipperDown Analysis

According to Pangu, “To protect the end-users, the detail of ZipperDown is not available to the public for now.” However, our researchers have discussed the vulnerability / programming error with Pangu, and believe that the issue lies in a third-party library that many apps are using. It is our team’s assessment that ZipperDown is not about malware, but about a vulnerability being exploited in several apps via a man-in-the-middle (MITM) attack on the network.

How Zimperium Helps Combat ZipperDown

Zimperium zIPS, powered by z9, detects MITMs and the exploits that can leverage ZipperDown, and can prevent them from executing via customer-defined policy enforcement.

Zimperium’s on-device, machine learning-based detection has many advantages. One of these is Zimperium’s full “Kill Chain” detection, in which z9 detects attacks at multiple steps, without any updating or signatures. In this case, z9 detects MITMs and any exploits attempting to elevate privileges and compromise the device.

For more information about Zimperium or our offerings, please visit us at www.zimperium.com or request a live demo here.

 

The post ZipperDown Vulnerability: 100 Million iOS Users (Not Using Zimperium) at Risk of Exploit appeared first on Zimperium Mobile Security Blog.
