Apple’s approach to the creation of new features is always inherent in safety and spontaneous feature. For example, Airplay, a wireless standard created by the company, which allows users to stream audio and video from one device to another.
Airplay works not only on apple devices, but also on TV and speakers cleared by the company to offer wireless streaming facilities. It also makes it a cooked target for attacks, and it seems that in fact, wireless lanes have weaknesses that can allow bad actors to infect seed malware and more connected equipment.
Understanding airplay risk
Safety research firm expert Oligo Recently detailed Airborn, a set of flaws in the airplay protocol of Apple and AirPlay software development kit (SDK) that may allow hackers to allow remote code to execute the code. These weaknesses can give bad actors to control equipment and use infected machines to widen damage.
“An attacker can handle some airplay-enabled devices and do things such as deploying malware that spreads to equipment on any local network connecting the infected device,” Oligo explained. The risk is very large because there are billions of apple equipment that support the airplay, and millions are sold by other brands.
One of the weaknesses may allow hackers to compromise a device and then use it to gain access to a large network, potentially also targets other devices. Depending on the target, risks on the risk conversation to track the location of the car, reach sensitive information, ransomware attacks and refusal to serve.
Apple has patched weaknesses through Macos Sequoia 15.4, TVOS 18.4, Macos Ventura 13.7.5, iPados 17.7.6, Macos Sonoma 14.7.7.5, iOS 18.4 and iPados 18.4, Visionos 2.4 updates. However, there are potentially thousands of old equipment that will never get patch and will remain insecure.
What steps do experts explain?
Of course, the first line of defense to protect themselves in all weak devices is to download the fix released by Apple. But this is not the whole picture. The founder of Trevor Horwitz, CISO and Trustnet, says that the patch will work only when people install it after downloading the package on their device.
“The simplest and most effective thing you can do is keep your equipment updated. It seems basic, but it is often ignored,” they say. On iPhone or iPad, follow this route to install security update: Settings> General> Software UpdateFor Macos, you have to walk this path: Apple menu> system. Settings> General> Software Update,
Since attack vectors like Airborn rely on the Wi-Fi network to expand their losses, you should also pay attention to them. Oleh Kulchkski, Senior Malware of McPop’s Moonlock, told Digitaltelands that a zero-click remote code execution (RCE) is the highest level of safety violations.
It should be patched immediately by companies involved, but as a user, one should take precautions related to the network. “To be safe at home, make sure your router has a strong password and has no doubtful relations for your network,” says Kulchartsky.
A safe way of airplay
An experienced iOS researcher and Iveriff’s cofounder, Mathius Frilingsdorf, tells me that everyone should follow the basic digital safety protocol. These include installing updates as soon as they are available, maintaining a strong network password, and most importantly to reduce the surface area for such attacks.
Since the airplay is the danger vector, users should take active steps when using it. “To disable it on iOS / MACOS / TVOS devices, which do not need to have an airplay receiver, will limit some attacks. In public places, disabled wifi on Mac and iPhone will also stop those attacks,” callsdorf.
Airplay is active by streaming default, and thus, you need to disable it. To do this, follow this path on your iPhone or iPad: Settings> General> Airplay and continuity> AskYou can also set it NeverIf you do not actively use this feature. There is also an option to set a password, which I suggest that you enable it, while on it.
What about airplay? Can it be disabled? Yes, it can be completely closed. On your iPhone and iPad, go to Airplay and continuity page and close the airplay receiver togle. Alternatively, you can only choose to allow Airplay for the current user, instead to keep it open for all in the range.
For Mac users, this is the path you need to follow: Apple menu> System Settings> General> Aircraft & Handoff> Airplay ReceiverYou cannot always patch old or closed devices, so it is best to ensure that machines that are currently in your hands have enabled the right protocol to reduce risks.
Bottom line
On several occasions in the past, security experts have exposed the flaws in the wireless transmission system, such as Bluetooth. But a vulnerability that allows zero-click distance code in the airplay is a caution story. The message is clear.
Apple’s safety railings are solid, but not impermeable.
Trustnet’s Horwitz told digital trends, “This is serious integration. Airplay is not just a standalone app. It is a system-level service that is manufactured in iOS, MACOS and TVOS. So the moment the layer is compromised, the attacker can potentially affect several devices,” Trustnet’s Horwitz told digital trends.
So, where does it leave an average user who is not intelligent about safety measures? Well, it is time to isolate assumptions and market notion. Chris Hill, Chief Security Strategist of BeyondTust, states that users should understand the danger landscape rather than living with the idea that a certain ecosystem is safe than the rest.
“The actor of danger is opportunistic, at least looking for the easiest route of resistance, they will find it, and they did it with Airplay and Airborn in the matter,” he warns. The bottom line is to keep your devices updated, disable the characteristics you do not use, and be cautious with network-related settings.
