According to a report by website ZDNet, there’s a bug within Apple’s iOS software that could allow hackers to exploit a flaw in the iMessage software. And supposedly, despite being found prior to Apple’s latest round of software updates, it has yet to be fixed.
Based on the report, it’s understood that researchers have previously found six software vulnerabilities. While five of those have been rectified by Apple’s latest iOS update, iOS 12.4, one flaw remains.
Researchers in Google’s Project Zero team found the defects in Apple’s software, referring to them as ‘interactionless’ – meaning that the exploits don’t require any user input to be abused.
All of these bugs relate to the iMessage client software, with four of them counting on an attacker distributing messages that contain malicious code. When a user receives and opens the message, the code can be executed on the victim’s device. The other two defects exploit a bug within Apple’s memory management processes, allowing attackers to scour data from a victim’s phone and transfer it onto a remote, third-party device.
Though these might not sound like major flaws, Appleinsider have reported on the fact that each bug would’ve been worth around $1 to $4 million dollars if sold to cyber criminals on the black market. This highlights the importance of software research teams like Google’s Project Zero.
If you’re using an iPhone, then it’s worth making sure that your software is up to date. Even though this final defect hasn’t yet been fixed – or detailed by the company, for fear of tipping off cyber criminals – you should still make sure you’re protected against those that have been rectified.
To check whether you’re up to date, look for the Software Update option within the General area of your Settings application. If there’s a red icon like you see in the above image, then it’s time to update. Alternatively, if you need any help getting your phone updated and secure, then get in touch with WiseGuys on 0808 123 2820.