Google’s Project Zero team has published a new proof of concept video of the iMessage bug that allows them to access the iOS device files.
The bug was first discussed during the Black Hat security conference in Las Vegas earlier this month. Google followed the protocol and disclosed the bug to Apple back in May (CVE-2019-8646). This gave Apple 90 days to fix the bug before Google went public. The company did follow up on the deadline and released a patch as a part of the iOS 12.4 update. Now, Google Project Zero researcher Natalie Silvanovich who discovered the vulnerability has published a deep dive technical post that discloses more details about the vulnerability. We won’t bother you with the technicalities of the hack and let you check out the technical post published by Google.
One thing we always ensure to mention is never open messages from strangers or messages that might look suspicious. This rule applies to iOS users as well. While iOS being a closed system is more secure, it’s not perfect and this iMessage bug is a perfect example of it. More importantly, always make sure you download and install new updates right away as these come with patches to plug the potential exploits in the software.