Bug in Apple’s iOS and OS X AirDrop Could Allow Malware to Be Installed Silently

Australian security researcher Mark Dowd has discovered a vulnerability in Apple’s AirDrop feature. AirDrop is an “over-the-air” file sharing service that uses Bluetooth and Wi-Fi and is built into iOS and Mac OS X products. AirDrop automatically detects supported devices, which need to be close enough to establish a good Wi-Fi connection in order to exchange files. The bug could allow someone within range of an AirDrop user to silently install a malicious app on a target Apple device by sending the file via AirDrop.

The vulnerability affects iOS versions supporting AirDrop from iOS 7 up, as well as Mac OS X versions from Yosemite up.

 

Protection Is an Easy Fix

  • Be vigilant about installing patches from Apple. Upgrade your devices to iOS 9 and OS X 10.11 El Capitan as soon as they become available.
  • Where possible, turn off Bluetooth and Wi-Fi unless you are actively using them.
  • Limit AirDrop sharing to ‘Contacts Only’.
  • If you don’t use AirDrop at all, you can disable it by swiping up from the bottom of the iOS screen. Tap on AirDrop, and tap on “Off.”