According to a report, Google researchers have found at least six critical flaws in iOS. The vulnerabilities are deep in the code of iMessages and can compromise the user’s phone without him even interacting with the device. Worth noting, that five of those issues have already been patched in iOS 12.4 update. But still, it’s interesting to see how these vulnerabilities could affect a user without his knowledge.
The vulnerabilities fall under the “interactionless” category. Four of the vulnerabilities require the attacker to send an executable code on iMessage. When the victim opens the message, the code will be executed. The other two flaws are memory exploits.
While five of them have been fixed, there is still one remaining. For obvious reasons, Google researches are keeping it as a secret until Apple fixes it. If you’re using an iPhone, updating to iOS 12.4 is strongly recommended. Although not all users will sleep safe knowing that there’s still one security flaw laying somewhere in the OS.
It’s great that security researches took hold of the vulnerabilities before anyone else. After all, some would pay millions to use the exploits before Apple noticing. Although most of them have been fixed, it’ll be just a matter of time before more vulnerabilities are exposed. Hopefully, those working in the shadows to help companies to find and address these flaws will be there too.