Google announced 6 major iOS vulnerabilities, which can be launched through iMessage
On July 31, two members of Google’s security team, Project Zero, announced six “no-interaction” security vulnerabilities affecting iOS. It is reported that these six “no interaction” security vulnerabilities can be launched through the iMessage client. Last week, July 22, Apple released iOS 12.4, which fixed these six security vulnerabilities.
According to Google researchers, four of the six security vulnerabilities could lead to malicious code execution on remote iOS devices without user interaction. All the attacker needs to do is send a “wrong format” message to the victim’s phone, and once the user opens and views the received message, the malicious code is executed. The 5th and 6th vulnerabilities allow an attacker to leak data from the device’s memory and read files from a remote device without user intervention.
According to the price list of the vulnerability trading platform Zerodium, similar to the vulnerabilities announced by Google this time, the price of each item may exceed $1 million. It is no exaggeration to say that Google’s public vulnerability information is worth more than $5 million, and is likely to reach $10 million. At the “Black Hat” security conference in Las Vegas next week, Google security researchers will hold a demo on remote and non-interactive iPhone vulnerabilities.
In fact, there is no a system that is completely immune to malware and other cyber threats. If possible, install reliable antivirus software on your device and update it to the latest version once it is available. Advanced antivirus software will help you block malware and stop unauthorized access to your device. It can recognize malicious network and fake sites to prevent attacks and scams. Besides, don’t visit suspicious websites or download software and other files from unknown websites or store. Update your software timely, and the vulnerabilities of old version will be fixed.
Published by & last updated on August 1, 2019 2:26 am
Leave a Reply
You must be logged in to post a comment.