Google Finds iMessage Bug That Exposes Files on an iPhone
#1
Quote:A Google security engineer discovered a critical bug in Apple’s iMessage platform that allowed an attacker to obtain access to data stored on an iPhone.
 
Natalie Silvanovich, security researcher and part of the Google Project Zero team, says they discovered a total of five different bugs in iMessage.
All of them have already been reported to Apple and are subject to a 90-day disclosure policy, as per the Project Zero program. According to the researcher, the five issues are the following:
  • CVE-2019-8647 - remote, interactionless use-after-free
  • CVE-2019-8662 - similar to CVE-2019-8647
  • CVE-2019-8660 - remote, interactionless memory corruption
  • CVE-2019-8646 - allows an attacker to read files off a remote device with no user interaction, as user mobile with no sandbox
  • CVE-2019-8641 - still private, as fix not yet available
The iMessage bug, which can be reproduced using the instructions on the page linked above, was reported to Apple back in May. The company included a patch in iOS 12.4, so iPhone users are recommended to install the new software update as soon as possible.

SOURCE: https://news.softpedia.com/news/google-f...6878.shtml
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Brave 1.92.134
Release Notes v1.9...harlan4096 — 06:14
AdGuard for iOS 4.5.21
AdGuard for iOS 4....harlan4096 — 06:13
AnyDesk 9.7.2 for macOS
Version 9.7.2 for ...harlan4096 — 06:12
Opera 133.0.5932.20
Hello! Opera 13...harlan4096 — 06:11
Intel reportedly restarts 13th and 14th ...
Intel LGA1700 plat...harlan4096 — 06:10

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>