This week’s iOS 10.3.1 update might have seemed anticlimactic by comparison to the original 10.3 update, but a quick look at the security notes issued for the update shows a very good reason why every owner of an iOS device running 10.3 should install the new update immediately.
The update patches a vulnerability discovered and documented by Gal Beniamini of Google Project Zero in which “an attacker within range may be able to execute arbitrary code on the Wi-Fi chip”. This vulnerability took advantage of a bug in the code in Broadcom’s Wi-Fi stack, which Apple uses in its devices.
At this point, Craig Young of cyber security firm Tripwire’s Vulnerability and Exposures Research Team is suggesting that anyone with a device with an affected Broadcom chip — which includes the iPhone 4 and newer, all iPads and all iPod touch devices — should disable Wi-Fi in public spaces until a fix is applied.
Apple found the issue to be so worrisome that it made iOS 10.3.1 available even to some 32-bit devices that were not included in the original iOS 10.3 rollout. The patch can be installed on iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later.
