• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Technologous - Managed IT Solutions Bryan/College Station

  • Home
  • About
    • Areas We Serve
    • Our Leadership
      • Chris Dawson
      • Ian Soares
  • IT Services
    • Managed IT
    • Support IT
    • Cloud IT
  • Blog
  • Request a Consultation
  • Contact
You are here: Home / Blog / Update Your iPhone To Avoid Latest iMessage Security Vulnerability

Update Your iPhone To Avoid Latest iMessage Security Vulnerability

If you own an iPhone, be aware that a new iMessage vulnerability has been recently found and patched by Apple. This was part of the iOS 12.4 update.

The flaw allowed hackers to access and read the contents of files stored on iOS devices remotely. They could access files the same way as the device owner with no sandbox, and with no user interaction needed.

In describing the issue itself, Silvanovich had this to say:

The issue was discovered by Natalie Silvanovich, who is a security researcher with Google’s Project Zero. As a proof of concept, she created a demo that only works on devices running iOS 12 or later. She describes it as “a simple example to demonstrate the reach-ability of the class in Springboard. The actual consequences of the bug are likely more serious.”

“First, it could potentially allow undesired access to local files if the code deserializing the buffer ever shares it (this is more likely to cause problems in components that use serialized objects to communicate locally than in iMessage). Second, it allows an NSData object to be created with a length that is different than the length of its byte array. This violates a very basic property that should always be true of NSData objects. This can allow out of bounds reads, and could also potentially lead to out-of-bounds writes, as it is now possible to create NSData objects with very large sizes that would not be possible if the buffer was backed.”

As mentioned, this bug has already been patched, along with two other iMessage vulnerabilities that Silvanovich recently discovered. All of them were addressed in Apple’s most recent (12.4) update. If you’re not in the habit of installing security updates automatically, then you’ll need to grab this one and install it manually at your earliest convenience.

August 15, 2019 Filed Under: Blog Tagged With: Apple, iMessage, iOS, security

Primary Sidebar

GET OUR BLOG IN YOUR EMAIL!

Archives

  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • August 2018

Tags

adobe android App Apple attack Attacks Breach Browser Chrome Credit Card Dark Web Data Database Data Breach Email Facebook Firefox gmail Google Google Chrome government hacker Hackers information Intel iOS iPhone malware Microsoft Microsoft Windows 10 office 365 pandemic Password Passwords patch Phishing ransomeware Ransomware security Social Media Update Vulnerability Wifi Windows Windows 10

Footer

Contact Us

Address: 3091 University Drive, Unit 210, Bryan, Texas 77802
Phone: 979-217-1226

Our Blog

  • Healthcare Ransomware Problem Getting Worse January 30, 2021
  • Chrome Helps Users Check Passwords For Strength January 29, 2021
  • DuckDuckGo Search Engine Sees Huge Growth January 28, 2021
  • Malware Is Android’s Worst Nightmare January 27, 2021
  • Rise In PC Hardware Sales Blamed on Pandemic January 26, 2021

Search

Follow Us

  • Facebook
  • Home
  • About
  • Resources
  • Contact
  • Our Leadership
  • Why Choose Us?
  • IT Services
  • Request a Consultation

Copyright © 2021| All Rights Reserved | Powered By Technologous, LLC | Log in