Quick Share and AirDrop Found Vulnerable to Nearby Wireless Attacks

SammyGuru is reader-supported. We have affiliate and sponsored partnerships, so we may earn a commission when you buy through links on our site — at no extra cost to you. Learn more.
Android’s Quick Share and Apple’s AirDrop have made sharing photos, videos, and files between nearby devices convenient. However, newly discovered security flaws in both services put more than 5 billion active devices at risk. The vulnerabilities could allow nearby attackers to ruin the file-sharing experience. The good news is that most of the flaws have already been patched.
Researchers found security weaknesses in Quick Share and AirDrop
Researchers at the CISPA Helmholtz Center for Information Security (via Android Authority) discovered security flaws in AirDrop and Quick Share. The team found that an attacker within about 30 meters of a target device can exploit the bugs. More concerning is that the attack does not need to send a phishing link, share a network, or have physical contact with the device.
On Apple devices, the vulnerability affects a background service that powers features such as AirDrop, AirPlay, Handoff, Universal Clipboard, and Continuity Camera. Researchers found that a request could cause this service to crash, disabling the features. In fact, an attacker can send crash packets in a loop to create a persistent denial of service.
The researchers also analyzed Quick Share on a Samsung Galaxy S23 Ultra and on Windows. They identified logic bypasses that allowed a bad actor to skip security checks. A memory corruption issue in the Windows client also came to light.
These vulnerabilities won’t allow attackers to steal photos, documents, or other data from your device. The main issue is a denial-of-service attack that makes wireless sharing features unreliable. Apple already addressed one of the AirDrop vulnerabilities, while Google pushed a patch for its Windows Quick Share client. The remaining issues are expected to be fixed soon.
So, make sure to install the latest software updates as soon as they hit your device. Moreover, you should change AirDrop or Quick Share settings from “Everyone” to “Contacts Only.” These steps could prevent nearby attackers from taking advantage of newly discovered vulnerabilities.














