Google discovers six major security flaws in Apple’s iOS 12
Vulnerabilities in iMessage software can be exploited without any interaction from user
Security researchers at Google have uncovered six fundamental flaws in Apple’s iOS software that could expose iPhone users to cyberattacks.
Natalie Silvanovich and Samuel Gros, from the search giant’s Project Zero software “bug-hunting” team, have published the “details and demo exploit code” for five of six security flaws that can be exploited through iMessage in iOS 12, ZDNet reports.
The final security flaw has not been outlined publicly as Apple is still in the process of resolving the bug, the tech news site says.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
All six of the faults highlighted by the researchers are “interactionless”, which means they require no interaction from the user to run, according to The Verge.
Four of the vulnerabilities, including the one that has yet to be fixed, are triggered when an attacker sends “a message containing malicious code”, the site says. The glitch occurs as soon as the user opens the message.
The other two exploits can be used to “leak data from a device’s memory” and view files from an external device, adds ZDNet.
Whenever a software fault is discovered by Project Zero researchers, the manufacturer of the device is informed and given 90 days to come up with a fix, says Forbes. Information about the flaw is then publicly disclosed.
Are iPhone users in danger of a cyberattack?
Probably not in this instance. Apple fixed five of the six vulnerabilities last week and it shouldn’t be too long before the company addresses the final fault.
Although the California-based tech giant has not revealed how it tackled the security flaws, it has advised users that “keeping your software up to date is one of the most important things you can do to maintain your Apple product’s security”, the BBC reports.
To download the latest software for iPhones, currently listed as iOS 12.4, users simply need to go to their smartphone’s Settings app and then select the General tab before pressing Software Update.
Once in the update menu, the phone will inform the user whether a new version of iOS is available to download. If the device is running older software, the user will be given the option to download and install the most recent version, providing their phone isn’t too old to run the update.
Create an account with the same email registered to your subscription to unlock access.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
Justice Department bites Apple with iPhone suit
Speed Read The lawsuit alleges that the tech company monopolized the smartphone industry
By Rafi Schwartz, The Week US Published
-
Artificial history
Opinion Google's AI tailored the past to fit modern mores, but only succeeded in erasing real historical crimes
By Theunis Bates Published
-
Apple kills its secret electric car project
Speed Read Many of the people from Project Titan are being reassigned to work on generative AI
By Peter Weber, The Week US Published
-
Is Google's new AI bot 'woke'?
Talking Points Gemini produced images of female popes and Black Vikings. Now the company has stepped back.
By Joel Mathis, The Week US Published
-
The pros and cons of virtual reality
Pros and cons The digital world is expanding, for better and for worse
By Devika Rao, The Week US Published
-
The Apple Vision Pro's dystopian debut
Why everyone's talking about Is "spatial computing" the next big thing?
By Theara Coleman, The Week US Published
-
Why Google search results have 'gotten worse'
Under The Radar Search engines are 'flooded' with 'garbage' content, say experts
By Chas Newkey-Burden, The Week UK Published
-
2023: the year of the AI boom
the explainer This year, generative artificial intelligence bypassed the metaverse and became the next big thing in tech
By Theara Coleman, The Week US Published