On May 15, 2018, Pangu Lab announced the ZipperDown vulnerability, which allows a remote code execution attack on iOS apps. On May 22, Appthority released the Download Zip File Unencrypted Threat Indicator, at Risk Level 5, for both iOS and Android devices.
Appthority customers have advanced detection in place to identify iOS as well as Android apps that demonstrate the ZipperDown vulnerability at runtime by downloading a .zip file over an unencrypted connection.
Appthority recommends you use the new Download Zip File Unencrypted Threat Indicator in your organization’s Appthority MTP environment to take the appropriate action on apps that exhibit the ZipperDown vulnerability at runtime. This detection is most critical for EMM-published applications (internal and public), and potentially also for personally downloaded business-related apps on employee devices.
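The following is an added example, not Appthority's detection logic or code from this article: one way to spot the behavior the indicator describes (a .zip download over an unencrypted connection) in captured HTTP traffic, reporting which signals matched so weak hits can be triaged. The flow-record format, app identifiers and URLs are constructed assumptions.

```python
"""Flag apps that fetch ZIP archives over cleartext HTTP (added example)."""
from collections import defaultdict
from urllib.parse import urlsplit

ZIP_MAGIC = (b"PK\x03\x04", b"PK\x05\x06")  # local file header / empty archive
ZIP_TYPES = {"application/zip", "application/x-zip-compressed"}

# Constructed sample flows: (app id, request URL, Content-Type, first body bytes).
SAMPLE_FLOWS = [
    ("com.example.news", "http://cdn.example.com/res/skin_v2.zip", "application/zip", b"PK\x03\x04\x14\x00"),
    ("com.example.news", "https://cdn.example.com/res/fonts.zip", "application/zip", b"PK\x03\x04\x14\x00"),
    ("com.example.chat", "http://static.example.net/update?id=7", "application/octet-stream", b"PK\x03\x04\x0a\x00"),
    ("com.example.maps", "http://tiles.example.org/12/654/1583.png", "image/png", b"\x89PNG\r\n"),
    ("com.example.shop", "http://img.example.org/banner.ZIP?v=3", "text/html; charset=utf-8", b"<html>"),
]


def zip_signals(url, content_type, body_prefix):
    """Return the list of reasons a response looks like a ZIP archive."""
    signals = []
    if urlsplit(url).path.lower().endswith(".zip"):
        signals.append("url-extension")  # weak on its own: names can mislead
    if content_type.split(";")[0].strip().lower() in ZIP_TYPES:
        signals.append("content-type")
    if body_prefix.startswith(ZIP_MAGIC):
        signals.append("magic-bytes")  # strongest: the payload really is a ZIP
    return signals


def find_unencrypted_zip_downloads(flows):
    """Map app id -> [(url, signals)] for ZIP-like responses fetched over http://."""
    findings = defaultdict(list)
    for app, url, content_type, body_prefix in flows:
        if urlsplit(url).scheme.lower() != "http":
            continue  # TLS-protected transfers are outside this indicator
        signals = zip_signals(url, content_type, body_prefix)
        if signals:
            findings[app].append((url, signals))
    return dict(findings)


if __name__ == "__main__":
    for app, hits in find_unencrypted_zip_downloads(SAMPLE_FLOWS).items():
        for url, signals in hits:
            print(f"{app}: {url} [{', '.join(signals)}]")
```
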
From the Appthority MTP Manager portal, Appthority recommends the following steps:
1. Navigate to the Threat Indicators tab, find the new Download Zip File Unencrypted Threat Indicator and review the list of affected apps.
2. Configure the Download Zip File Unencrypted Threat Indicator in your Appthority environment and then add the new Threat Indicator to your custom App Policy set.
Note: Add a Market Category filter to the App Policy to find only business-related applications affected by the ZipperDown vulnerability at runtime.
Contact your Appthority account team directly or at firstname.lastname@example.org for further questions or to learn about other ways Appthority MTP can help protect against this threat with on-device MiTM detection.