iMessage security flaws uncovered - here's what you need to know

News
By published

Google's Project Zero researchers discovered several vulnerabilities in Apple's iMessage

iMessage
(Image credit: Future)

Security researchers have urged iPhone users to update their device software immediately following the discovery of vulnerabilities in iMessage.

Researchers from Google's Project Zero discovered five flaws Apple's mobile messaging software that could leave its devices vulnerable to attack.

One of the vulnerabilities they uncovered was so severe that only way to save a targeted iPhone would require deleting all of the data contained on the device. Another vulnerability could even be used to copy files off of a device without any help from the device's owner.

Google established its Project Zero team back in 2014 with the aim of uncovering previously undocumented vulnerabilities and so far it has informed Microsoft, Facebook, Samsung and others regarding problems in their code.

iOS update

Apple is well aware of the seriousness of the vulnerabilities discovered by Google and even its own notes regarding iOS 12.4 show that if left unpatched, the flaws could allow hackers to crash an app or execute their own commands on recent iPhones, iPads and even the new iPod Touch if they happen to discover it.

The iPhone-maker has not commented on the issue specifically but it is urging users to install the latest version of iOS which contains fixes for the vulnerabilities as well as additional glitches and threats. 

While Apple released fixes to these vulnerabilities last week, the researchers also flagged a sixth vulnerability which has not yet been patched in the latest update to iOS.

In a statement, Apple stressed the importance of regularly updating your devices, saying:

“Keeping your software up to date is one of the most important things you can do to maintain your Apple product's security.”

ZDnet, which broke the initial story, noted that Google's researchers had shared enough details about the vulnerabilities that attackers could be able to craft exploits to take advantage of them.

If you own any of Apple's mobile products, it is highly recommended that you update them immediately to avoid falling victim to any potential attacks or exploits.

Via The BBC

TOPICS
Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Oracle
Oracle denies data breach after hacker claims to hold six million records
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Latest in News
A phone showing a ChatGPT app error message
ChatGPT is down for many – here's what's going on
A woman sitting in a chair looking at a Windows 11 laptop
It looks like Microsoft might have thought better about banishing Copilot AI shortcut from Windows 11
Tesla Roadster 2
Tesla is still taking deposits on its long overdue Roadster, despite promising it would arrive in 2020
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
More about security
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol

Coinbase targeted after recent Github attacks
Oracle

Oracle denies data breach after hacker claims to hold six million records
ChatGPT app on an iPhone

5 things you should ask ChatGPT today – oh, and 1 you should never ask it!
See more latest
Most Popular
A phone showing a ChatGPT app error message
ChatGPT is down for many – here's what's going on
A woman sitting in a chair looking at a Windows 11 laptop
It looks like Microsoft might have thought better about banishing Copilot AI shortcut from Windows 11
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
Surface Laptop 7
Amazon warns customers about the Surface Laptop – and it’s not just bad news for Microsoft
vector isometric illustration of a handheld gaming console
SteamOS is about to change handheld gaming PCs as HP finally considers ditching Windows 11
Oracle
Oracle denies data breach after hacker claims to hold six million records
Tesla Roadster 2
Tesla is still taking deposits on its long overdue Roadster, despite promising it would arrive in 2020
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
De'Longhi Linea Classic espresso machine on kitchen counter with hot and cold coffee drinks
I'm a qualified barista, and De'Longhi's latest espresso machine could be this year's best budget buy for coffee lovers
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations