#Apple has patched the main vulnerability in #iMessage so allowed attackers to pull a target’s message history through a bogus link. Once clicked, the link extracted data of within that iMessage application and exported it to an outside source. Apple’s larger security protections prevented this attack from installing malware or pulling data of outside the iMessage application. Just it still represents a significant data breach for any user tempted with clicking on the bogus link.
The attack primarily targeted this OS X version of iMessage, but could also recover messages of iPhones if this butt enabled SMS forwarding. This bug was discovered by a trio of researchers — Joe DeMesy plus Shubham Shah, with the help from Matt Bryant from Uber’s security team — who reported it to Apple before making this details of the attack public. There’s no proof the vulnerability was exploited for criminal ends before being patched.
The new bug comes only a few weeks after researchers at Johns Hopkins published a way into view sent photos plus videos; a vulnerability so was patched with iOS 9.3. That attack worked by masquerading as an Apple server, then brute-forcing the resulting encryption until the media was decoded.
While powerful, this attack relied on relatively basic security tactics, using javascript code in place from an iMessage URL in a classic cross_scripting attack. Apple patched next this technique by the CVE-2016/1764 update latest month. That company did not immediately reply to a request for comment; we will update this post with any answer.
iMessage bug exposed target's talk history after one click
08/04/2016