Majority of iPhone users open to iMessage spy attack

In News

Cybersecurity researchers have said that over 90 percent of Apple iPhone users — consumer and enterprise — still remain vulnerable to bugs in iOS that can be remotely exploited without any user interaction via the iMessage client. These could reveal pictures, videos, notes, PDFs and so on stored on the phone.

Though Apple has fully patched five of six critical flaws revealed earlier this week by Google’s Project Zero with the 12.4 iOS update, as of August 1 only 9.6 percent of enterprise devices have been updated, according to a senior official at Wandera.

“The exploit initiates a dump of the victim’s iMessage database and compromises the iOS sandbox, putting files on the device at risk,” he said. “This vulnerability calls into question the integrity of iOS sandboxing, which is one of the most significant fundamentals of the entire iOS security model. This iMessage exploit has similar implications to a jailbreak in that the weakness in iMessage exposes the file space on the device.”

The code to exploit these vulnerabilities is publicly available, he added, so anyone with a MacOS device and the phone number or iMessage account details of a victim could attack and spy on a target: “[This] is very easy for any bad actors to execute. Unlike the recent WhatsApp vulnerability, anyone with intermediate to advanced computing skills can use this code to hack any iPhone which hasn’t been updated.”

The patch for iOS was released on July 22, but user notifications haven’t rolled out; iPhone owners need to manually visit the “software update” section in the settings area and initiate the download.

Comments

You may also read!

Bulwark to showcase state-of-the-art IT security products at GITEX

UAE-based value added distributor, Bulwark Technologies announced that its portfolio of internationally acclaimed products lined up to be showcased

Read More...

Hacking my airplane

ESET’s security researcher, Cameron Camp points out that after welcoming hacking research, automobile technology started to get better at

Read More...

Are you building an effective SOC?

Haider Pasha, regional chief security officer, emerging markets, Palo Alto Networks shares his take on what makes an SOC

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu