#Apple has patched the main vulnerability in #iMessage so allowed attackers to pull a target’s message history through a bogus link. Once clicked, the link extracted data of within that iMessage application and exported it to an outside source. Apple’s larger security protections prevented this attack from installing malware or pulling data of outside the iMessage application. Just it still represents a significant data breach for any user tempted with clicking on the bogus link.
The attack primarily targeted this OS X version of iMessage, but could also recover messages of iPhones if this butt enabled SMS forwarding. This bug was discovered by a trio of researchers — Joe DeMesy plus Shubham Shah, with the help from Matt Bryant from Uber’s security team — who reported it to Apple before making this details of the attack public. There’s no proof the vulnerability was exploited for criminal ends before being patched.
The new bug comes only a few weeks after researchers at Johns Hopkins published a way into view sent photos plus videos; a vulnerability so was patched with iOS 9.3. That attack worked by masquerading as an Apple server, then brute-forcing the resulting encryption until the media was decoded.
Ad Blocker Detected
Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.