Patch Up That iThang; A Half Dozen Interactionless Vulnerabilities Are Looking For You
What Were You Doing Before You Didn’t Do Anything?
The good news is that upgrading to iOS 12.4 will protect you from five recently discovered security issues with iMessage; the bad news is that there were six revealed. Researchers from Google’s Project Zero uncovered a half dozen bugs which attackers can exploit without any input or interaction required by you on the phone. The attacks are triggered by receiving an iMessage containing malicious code, you don’t have to open them as their arrival is enough to leverage the vulnerability.
The Inquirer lists the details of the five patched flaws, which allow an attacker to intercept communications, cause apps to crash, trigger arbitrary code execution and remotely read or leak files. As the sixth has yet to be patched, the details have not yet been released but hopefully a patch is soon forthcoming.
Project Zero researchers Natalie Silvanovich and Samuel Groß uncovered the bugs and noted that they are "interactionless", meaning they can be exploited without needing the target to do anything thanks to a vulnerability in iMessage.
More Tech News From Around The Web
- Chrome 76 finally forces Flash to be flushed forthwith @ The Inquirer
- He’s coming for your floppy: Linus Torvalds is killing off support for legacy disk drive tech @ The Register
- Microsoft is killing Skype for Business Online in 2021@ The Inquirer
- Microsoft snubs Hololens loyalists by already ending feature updates – even though version 2 isn’t out yet @ The Register
- Fix LibreOffice now to thwart silent macro viruses – and here’s how to pwn those who haven’t @ The Register
- Guru3D Rig of the Month – July 2019