Latest in Gear

Image credit: NurPhoto via Getty Images

Google researchers discovered serious iOS security flaws

The vulnerabilities reportedly would have sold on the black market for up to $5 million.
488 Shares
Share
Tweet
Share
Save

Sponsored Links

NurPhoto via Getty Images

Six critical security vulnerabilities that were patched in the iOS 12.4 update released earlier this month were originally discovered by security researchers at Google. Natalie Silvanovich and Samuel Groß, two members of Google's Project Zero bug-hunting team, alerted Apple to the issues. Silvanovich will be laying out the details on several of the bugs and provide a demonstration of exploits in action at the Black Hat security conference set to be held in Las Vegas next week.

The majority of the vulnerabilities discovered by Google were so-called "interactionless" bugs, meaning they can be executed on a remote iOS device without requiring any sort of direct interaction with the phone. An attacker simply has to send malicious code via iMessage and wait for the victim to open it. Because these "interactionless" bugs are in high demand for hackers, the security flaws discovered would have sold on the black market or other seedy parts of the internet for as much as $5 million apiece, according to ZDNet.

While Apple largely addressed these significant security flaws with the release of iOS 12.4 on July 22nd, the researchers are holding back on revealing the details of one vulnerability that has not yet been fully patched. Users are advised to keep their phones up to date and download updates as soon as they become available in order to avoid any significant security risks.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
488 Shares
Share
Tweet
Share
Save

Popular on Engadget

The best mobile devices for students

The best mobile devices for students

View
Lenovo’s Smart Clock becomes a more capable home hub

Lenovo’s Smart Clock becomes a more capable home hub

View
Wirecutter's best deals: Save $60 on an Acer Chromebook 11

Wirecutter's best deals: Save $60 on an Acer Chromebook 11

View
Samsung Galaxy Note 10+ review: Weird, but in a good way

Samsung Galaxy Note 10+ review: Weird, but in a good way

View
iFixit teardown takes a look inside the Note 10+ 5G

iFixit teardown takes a look inside the Note 10+ 5G

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr