iOS 9 was released to the public on Sept. 16, Wednesday. For users who were not sure as to whether they should upgrade to the new iOS 9, there is a little incentive.
Researchers are recommending users to upgrade to the new iOS 9 because of a new vulnerability in iOS 8.4.1. According to Azimuth Security, the Bluetooth susceptibility in iOS 8.4.1 allows hackers to install malicious apps on an unsuspecting victim's iPhone or MacBook as long as the device has Airdrop file sharing switched on. The hacker will only get within range of the device and send a malicious package that install without interaction immediately the gadget is switched off and restarted.
The malicious attack basically looks like a media file being shared through Airdrop. As soon as the file is transmitted, the user need not confirm or open it.
Talking to Forbes on how the Bluetooth attack works, Dowd said that the attack comprises of a number of different vulnerabilities - one in the iOS Airdrop components and the other concerns enterprise applications, which is a feature that enables firms to install their personal customized apps on Apple's mobile OS without using the App store.
While the latest iOS hacks need users to be jailbroken, Dowd's exploit does not. In addition to the attack installing an unapproved app on an unmodified iPhone, it also disables the pop-up prompt that requests for confirmation to install the program, leaving the user unaware that the device has been hacked.
Immediately the phone is restarted, the exploit starts doing the real dirty work of installing malware.
Dowd said, "The exploit happens without reboot, but the reboot is required to register the installed app with the system essentially so once the reboot has occurred, the phone will be infected."
However, once the malicious app is installed, there is no much that it can do because of Apple's safe sandboxed environment. Although the threat is limited, attackers can still track location or make -n-app payments from the user's iTunes account.
The only solution is for users to upgrade to the new iOS 9, which has no nasty Bluetooth Airdrop bug.