Date:31/07/19
Six critical security vulnerabilities that were patched in the iOS 12.4 update released earlier this month were originally discovered by security researchers at Google. Natalie Silvanovich and Samuel Groß, two members of Google's Project Zero bug-hunting team, alerted Apple to the issues. Silvanovich will be laying out the details on several of the bugs and provide a demonstration of exploits in action at the Black Hat security conference set to be held in Las Vegas next week.
The majority of the vulnerabilities discovered by google were so-called "interactionless" bugs, meaning they can be executed on a remote iOS device without requiring any sort of direct interaction with the phone. An attacker simply has to send malicious code via iMessage and wait for the victim to open it. Because these "interactionless" bugs are in high demand for hackers, the security flaws discovered would have sold on the black market or other seedy parts of the internet for as much as $5 million apiece, according to ZDNet.
While Apple largely addressed these significant security flaws with the release of iOS 12.4 on July 22nd, the researchers are holding back on revealing the details of one vulnerability that has not yet been fully patched. Users are advised to keep their phones up to date and download updates as soon as they become available in order to avoid any significant security risks.
Google researchers discovered serious iOS security flaws
Six critical security vulnerabilities that were patched in the iOS 12.4 update released earlier this month were originally discovered by security researchers at Google. Natalie Silvanovich and Samuel Groß, two members of Google's Project Zero bug-hunting team, alerted Apple to the issues. Silvanovich will be laying out the details on several of the bugs and provide a demonstration of exploits in action at the Black Hat security conference set to be held in Las Vegas next week.The majority of the vulnerabilities discovered by google were so-called "interactionless" bugs, meaning they can be executed on a remote iOS device without requiring any sort of direct interaction with the phone. An attacker simply has to send malicious code via iMessage and wait for the victim to open it. Because these "interactionless" bugs are in high demand for hackers, the security flaws discovered would have sold on the black market or other seedy parts of the internet for as much as $5 million apiece, according to ZDNet.
While Apple largely addressed these significant security flaws with the release of iOS 12.4 on July 22nd, the researchers are holding back on revealing the details of one vulnerability that has not yet been fully patched. Users are advised to keep their phones up to date and download updates as soon as they become available in order to avoid any significant security risks.
Views: 439
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
