comscore Google researchers disclose six 'interactionless' vulnerabilities in iMessage
News

Google's Project Zero researchers disclose six 'interactionless' vulnerabilities in iMessage

Google researchers found six vulnerabilities and five of them have already been patched by Apple.s

  • Published: July 31, 2019 4:24 PM IST
apple-imessage- (1)

Security researchers at Google have found six critical flaws with iMessage. These vulnerabilities fall into the “interactionless” category. The researchers highlight that these vulnerabilities have the potential to compromise the user’s phone without even interacting with the device. While six critical vulnerabilities have been revealed, Apple has already fixed five of them with iOS 12.4 update. Out of the six vulnerabilities, four of them require the attacker to send an executable code on iMessage. Also Read - Apple bounces back in India, clocks double-digit growth

Six vulnerabilities found in iMessage by Google Project Zero team

Also Read - Manufacture in US or face tariffs, Trump warns Apple

Once the victim opens the message, the malicious code will run. The other two vulnerabilities are memory exploits. Five of these vulnerabilities have already been fixed while the last one remains a mystery. Apple might patch it with the release of iOS 12 or when iOS 13 becomes officially available in September. If you have an iPhone then it is highly recommended that you get the iOS 12.4 update right away. These interactionless security bug were detailed by Google’s Project Zero team, an elite bug-hunting team. Also Read - Apple contractors listen to sensitive and confidential Siri recordings: Report

According to ZDNet, one of the vulnerability has been kept private since iOS 12.4 did not completely resolve it. The four bugs are CVE-2019-8641, CVE-2019-8647, CVE-2019-8660, and CVE-2019-8662. Details about CVE-2019-8641 has been kept private. The fifth and sixth bugs are CVE-2019-8624 and CVE-2019-8646 that allow an attacker to leak data from a device’s memory. The bug also allows the attacker to read files off a remote device, with no user interaction.

The bugs discovered by Natalie Silvanovich and fellow Google Project Zero security researcher Samuel Gro show that even iOS is not secure. Silvanovich will be holding a presentation about remote and interaction iPhone exploits at the Black Hat security conference. A price chart by Zerodium suggests that these vulnerabilities would be worth well over $5 million. Crowdfence, on the other hand, values these vulnerability between $2 million and $4 million each.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel.
  • Published Date: July 31, 2019 4:24 PM IST



new arrivals in india

Vivo Y12s
Vivo Y12s

9,990

Vivo Y51A
Vivo Y51A

17,990

Samsung Galaxy M02s
Samsung Galaxy M02s

8,999

Xiaomi Mi 10i
Xiaomi Mi 10i

21,999

Oppo A15s
Oppo A15s

11,490

Tecno Spark 6 Go
Tecno Spark 6 Go

8,499

Vivo V20 2021
Vivo V20 2021

24,990

Vivo Y20A
Vivo Y20A

11,490

Xiaomi Redmi 9 Power
Xiaomi Redmi 9 Power

11,999

Motorola Moto G9 Power
Motorola Moto G9 Power

11,999

Motorola Moto G 5G
Motorola Moto G 5G

20,999

Vivo V20 Pro
Vivo V20 Pro

29,990

Xiaomi Mi 10T
Xiaomi Mi 10T

35,999

Xiaomi Redmi 9i
Xiaomi Redmi 9i

8,299

Xiaomi Mi 10T Pro
Xiaomi Mi 10T Pro

39,999

Infinix Hot 10
Infinix Hot 10

9,999

Vivo V20 SE
Vivo V20 SE

20,990

Vivo V20
Vivo V20

24,990

Micromax In 1b
Micromax In 1b

6,999

Micromax In Note 1
Micromax In Note 1

10,999

OnePlus 8T
OnePlus 8T

42,999

Samsung Galaxy F41
Samsung Galaxy F41

15,499

Apple iPhone 12 Pro Max
Apple iPhone 12 Pro Max

1,29,900

Apple iPhone 12 Pro
Apple iPhone 12 Pro

1,19,900

Apple iPhone 12 Mini
Apple iPhone 12 Mini

69,900

Apple iPhone 12
Apple iPhone 12

79,900

Poco X3
Poco X3

16,999

Realme Narzo 20A
Realme Narzo 20A

8,499

Realme Narzo 20
Realme Narzo 20

10,499

Realme Narzo 20 Pro
Realme Narzo 20 Pro

13,999

Oppo F17
Oppo F17

16,990

Samsung Galaxy M51
Samsung Galaxy M51

22,999

Poco M2
Poco M2

10,999

Oppo F17 Pro
Oppo F17 Pro

22,990

Realme 7 Pro
Realme 7 Pro

19,999

Realme 7
Realme 7

14,999

Xiaomi Redmi 9A
Xiaomi Redmi 9A

6,799

Vivo Y20
Vivo Y20

12,990

Xiaomi Redmi 9
Xiaomi Redmi 9

8,999

Nokia 5.3
Nokia 5.3

13,999

Motorola Moto G9
Motorola Moto G9

11,499

Realme C15
Realme C15

9,999

Realme C12
Realme C12

8,999

Samsung Galaxy Note 20
Samsung Galaxy Note 20

77,999

Xiaomi Redmi 9 Prime
Xiaomi Redmi 9 Prime

9,999

Oppo Reno4 Pro
Oppo Reno4 Pro

34,990

Samsung Galaxy M01 Core
Samsung Galaxy M01 Core

5,499

Realme 6i
Realme 6i

12,999

Asus Rog Phone 3
Asus Rog Phone 3

46,999

OnePlus Nord
OnePlus Nord

24,999

Infinix Smart 4 Plus
Infinix Smart 4 Plus

7,999

Xiaomi Redmi Note 9
Xiaomi Redmi Note 9

11,999

Samsung Galaxy M01s
Samsung Galaxy M01s

9,999

Vivo X50 Pro 5G
Vivo X50 Pro 5G

49,990

Vivo X50 5G
Vivo X50 5G

34,990

Realme C11
Realme C11

7,499

Poco M2 Pro
Poco M2 Pro

13,999

Realme X3
Realme X3

24,999

Realme X3 SuperZoom
Realme X3 SuperZoom

27,999

Tecno Spark Power 2
Tecno Spark Power 2

9,999

Oppo A12
Oppo A12

9,990

Oppo A52
Oppo A52

16,990

Samsung Galaxy A21s
Samsung Galaxy A21s

15,999

Oppo Find X2
Oppo Find X2

64,990

Motorola One Fusion Plus
Motorola One Fusion Plus

17,499

Samsung Galaxy A31
Samsung Galaxy A31

20,999

Samsung Galaxy M01
Samsung Galaxy M01

8,999

Samsung Galaxy M11
Samsung Galaxy M11

10,999

Infinix Hot 9 Pro
Infinix Hot 9 Pro

9,999

LG Velvet
LG Velvet

Price Not Available

Xiaomi Mi Note 10 Lite
Xiaomi Mi Note 10 Lite

Price Not Available

Apple iPhone SE 2020
Apple iPhone SE 2020

42,500

Honor 30 Pro
Honor 30 Pro

Price Not Available

Honor 30
Honor 30

Price Not Available

OnePlus 8
OnePlus 8

44,999

OnePlus 8 Pro
OnePlus 8 Pro

54,999

Xiaomi Redmi Note 9 Pro
Xiaomi Redmi Note 9 Pro

13,999

Best Sellers