Particle.news
Download on the App Store

AirDrop and Quick Share Flaws Can Let Nearby Attackers Crash Sharing on Billions of Devices

Vendors have begun rolling out fixes while researchers published test tools and urged protocol redesign to close the large pre‑authentication attack surface.

Overview

  • Researchers at the CISPA Helmholtz Center for Information Security disclosed six flaws on June 30 that affect AirDrop and Quick Share implementations on macOS, iOS, Android, and Windows.
  • All three AirDrop bugs cause the privileged sharingd background service to crash, which also disables AirPlay, Handoff, Universal Clipboard, and Continuity Camera when a target device is set to receive from Everyone.
  • Quick Share issues include protocol logic bypasses that let certain frames be processed before authentication and a Windows use‑after‑free memory bug that reliably crashes the client and has received a Google bug bounty and a code fix.
  • The attacks are strictly local, requiring an attacker within roughly 10–30 meters with no pairing or shared Wi‑Fi, and researchers did not demonstrate data theft or a working remote code‑execution exploit though the Windows memory bug is plausibly exploitable.
  • Practical steps are to install vendor updates, keep AirDrop or Quick Share visibility set to Contacts Only or off when unused, and follow researchers’ design guidance to centralize authentication, minimize privileged pre‑auth code, and adopt protocol‑aware fuzzing.