Apple’s iMessage Presents A Major Security Vulnerability, According To Google’s Project Zero

Tech giant Apple released bug fixes for five crucial security problems found in their operating system. The issues were vulnerable to exploit through its iMessage client application and were identified by security researchers for Google’s exploit-chasing Project Zero. However, BBC states, a problem that was reported didn’t receive a complete solving in the iOS 12.4 update.

All of the issues were reportedly remote and interactionless, which means that an attacker could take advantage of them without needing the owner of the targeted handset to do anything.

Among the weaknesses that were discovered, one was so grave that it could only be fixed by wiping a device with the loss of all data. Also, another vulnerability that was fixed required to siphon data off a device.

Google’s Project Zero Showed That Apple’s iMessage Presents A Major Security Vulnerability

That iMessage security vulnerability was not fixed in iOS 12.4 and can still be taken advantage of seems to be rather serious, according to BBC. However, Google’s Project Zero researcher Natalie Silvanovich tweeted that they were keeping the details hid until a bug fix deadline has passed.

According to ZDNet, it is possible that if Silvanovich ​and her colleague Samuel Groß​ have sold the five weaknesses that didn’t require the owner of the device to do anything on the black market or to an exploit buyer, they could have worth a minimum of one million dollars per piece. That’s because they provide attackers with the ability to permeate a target device without trace.

However, Apple is fortunate enough that the issues were identified by Project Zero and not by someone looking to cash in on them. As per ZDNet, Silvanovich has planned a discussion about the remote, interactionless iPhone weaknesses at next week’s Black Hat cybersecurity conference. A summary of the talk saying it will discuss the potential for flaws in SMS, MMS, Visual Voicemail, iMessage, and Mail, and it shows how to arrange tooling to test these elements.

About the Author: Sharon J. Beaulieu

Sharon J. Beaulieu is a seasoned technology writer at TechHX.com, where she combines her rich experience in software engineering with a passion for storytelling. With a background in computer science and a career spanning over a decade in tech development, Sharon offers a deep and nuanced understanding of the tech industry. Her articles are known for their in-depth analysis and clear explanations of complex tech concepts, making them accessible to a wide range of readers. Sharon's commitment to providing accurate and current tech insights has made her a respected and authoritative voice in the tech journalism community. Her work not only informs but also encourages readers to explore and understand the evolving digital landscape.

Leave a Reply

Your email address will not be published. Required fields are marked *