Security gaps in systems can pose all kinds of dangers - iOS can also sometimes be affected - as in the current case. Google's elite security researchers have now presented six vulnerabilities in iPhone and iPad and they are quite serious.
Two members of Project Zero - Google's elite bug search team - have presented details of five of a total of six so-called "Zero Interaction" vulnerabilities - a demo code was also presented - reports ZDnet. The errors allow attackers to take complete control of the iPhone and iPad - a message via iMessage is all it takes. The five bugs presented have already been fixed in iOS 12.4 - the sixth vulnerability has not yet been eliminated by Apple. For this reason, Google is keeping the dangerous vulnerability under wraps until it is removed. According to the researchers, four of the six iOS security vulnerabilities can be exploited to execute malicious code on any iPhone or iPad - sending a faulty message via iMessage would be enough - if the user opens it, the attacker immediately takes complete control of the affected device.
Particularly dangerous compared to other vulnerabilities in iOS and macOS
The fifth and sixth vulnerabilities allow the attacker to read, extract and delete data from the devices - user interaction is not even necessary. In the course of eliminating the vulnerabilities, Apple tried to neutralize all six vulnerabilities with iOS 12.4 - unfortunately one of them remained - according to Google. As soon as the last gap has been eliminated, Google will disclose the details.
According to the company, all six vulnerabilities were discovered by members of the Project Zero team and immediately reported to Apple. These types of exploits are particularly bad compared to other bugs in iOS and macOS because of the way they work. Most security holes require a specific sequence of interactions on the part of the user - in this case, the step is omitted - reading an incorrect message is enough - which makes the whole thing seem particularly dangerous.
Update urgently needed
Such information is worth large sums on the black market - it is paid for by both normal companies and governments - and misuse cannot be ruled out. Observers believe that these six vulnerabilities are worth around 10 million US dollars. Anyone who has not yet installed iOS 12.4 on their iPhone or iPad should do so as soon as possible - the risk of losing control of their own device is enormous. Apple AirPods with wireless charging case on special offer on Amazon – only for a limited time
Don't want to miss any more news? Then subscribe to our Telegram channel here
[poll id=“12″]
