Millions of Android phones are at risk of being remotely hacked due to a security flaw called Broadpwn. Google has issued out a patch to fix the critical bug, as well as other vulnerabilities in its July monthly security update. However, Broadpwn, which researchers linked to a flaw in Broadcom WiFi chips, also affects iOS devices.
Broadpwn is a critical remote execution flaw found in Broadcom's BCM43xx family of WiFi chipsets, which allows hackers to remotely execute malicious code on targeted devices without user interaction.
Google described Broadpwn as "the most severe" of the issues it patched this month, adding that the bug "could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process." Google also said that it had "no reports" of any of the vulnerabilities that it patched having been used in attacks.
According to Nitay Artenstein, a security researcher with Exodus Intelligence who discovered the flaw, Broadpwn "is found in an extraordinarily wide range of mobile devices – from various iPhone models, to HTC, LG, Nexus and practically the full range of Samsung flagship devices." Artenstein is slated to present his research on Broadpwn at this year's upcoming Black Hat USA.
There's not much information about how Broadpwn functions. However, according to Sophos security researcher Paul Ducklin, "a crook who's within Wi-Fi range could fire off booby-trapped network packets at your Wi-Fi hardware, trigger a bug in the wireless device and end up with the same programmatic powers as the Android operating system on your device."
Apart from Broadpwn, Google also issued fixes for 10 other critical remote code execution flaws, as well as 94 high and 32 moderate rated vulnerabilities.
Given the nature of the flaws Google fixed, it is essential that users patch their devices.