Apple's AirPlay feature allows seamless streaming of music, photos, and videos across Apple devices and compatible third-party speakers and TVs. However, newly discovered security vulnerabilities in AirPlay could enable hackers to exploit these wireless connections, spreading malware between devices within the same network. Despite regular fixes for Apple products, many smart-home devices may remain vulnerable due to infrequent updates, leaving potential risks for years across numerous AirPlay-enabled models.
According to the New York Post, what's being called "AirBorne" allows hackers to deploy malware, snoop on your private data, or even eavesdrop on your conversations when connected to the same Wi-Fi network as your devices, which includes public places like airports, coffee shops, or even your work office. To keep hackers out, users are advised to update all devices to the latest software, especially those connected to AirPlay.
It's also recommended to disable the AirPlay feature altogether if not in use because it serves as an access point for hackers to possibly take control of your device.
"Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch - or they will never be patched," Gal Elbaz, chief technology officer and cofounder of Tel Aviv-based cybersecurity firm Oligo, told Wired.
"And it's all because of vulnerabilities in one piece of software that affects everything."
The flaws - 23 of them, to be exact - were found in Apple's AirPlay protocol and software development kit (SDK), which lets users beam photos, music, and video between devices.
While Apple has released security updates to fix the flaw in their devices, millions of third-party gadgets - from smart TVs to set-top boxes and car systems - may still be sitting ducks if their manufacturers haven't patched them.
