Kaspersky Lab details 'Darwin Nuke' security vulnerability affecting iPhone and iPad

Unpatched software could lead to DoS attacks that render Apple devices unusable

Kaspersky Lab has discovered a security vulnerability in Apple iPhone, iPad and Mac operating systems that leaves the devices open to attack.

The security firm's latest vulnerability discovery comes shortly after it revealed details of EquationDrug, the NSA's online malware platform.

The "Darwin Nuke" vulnerability originates in the kernel of Darwin, an open-source component of both the OS X and iOS operating systems, exposing them to the possibility of remotely activated denial of service (DoS) attacks, which could also ultimately be used to cause damage to corporate networks.

According to analysis by Kaspersky Lab, the Darwin Nuke vulnerability affects iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, and iPad mini 3, all of which operate on iOS 8 and 64-bit processors.

If left unchecked, cyber attackers could exploit the vulnerability by sending an IP packet of specific size but with invalid IP options (such as size or class) to the affected device causing it to crash. However, the nature of the packets would have to fall within strict criteria for the attack to succeed.

"At first sight, it is very hard to exploit this bug, as the conditions attackers need to meet are not trivial ones. But persistent cyber criminals can do so, breaking down devices or even affecting the activity of corporate networks," explained Anton Ivanov, senior malware analyst at Kaspersky Lab.

"Routers and firewalls would usually drop incorrect packets with invalid option sizes, but we discovered several combinations of incorrect IP options that are able to pass through the internet routers," he continued.

Ivanov added that the best way to defend against Darwin Nuke is to update OS X and iOS software, as newer editions of it aren't susceptible to the vulnerability.

"We'd like to warn all OS X 10.10 and iOS 8 users to update devices to OS X 10.10.3 and iOS 8.3 releases," he said.

Kaspersky Lab also offered general tips for boosting the security of Mac devices, including to use a web browser that has a solid track record of fixing security issues promptly, to run software updates as soon as they appear and to use a password manager to help cope with phishing attacks.

For some time it was generally believed that Apple iPhone and iPads were relatively impervious to malware, but there are an increasing number of examples that demonstrate that these devices can be breached.

Palo Alto Networks discovered the WireLucker virus last year, a piece of iOS malware that logged calls and phonebooks.

Apple was also accused of leaving a critical security flaw named Masque unpatched for months, despite evidence showing the vulnerability was being actively exploited by cyber criminals.