Project Zero is a Google working group dedicated to computer security. Its mission is in particular to find security vulnerabilities on PC and mobile as quickly as possible after the operating system update, in order to prevent hackers from taking advantage of this to reach users.
Recently, it published a report on security flaws found in iOS, particularly versions 10, 11 and 12. However, these flaws would have been corrected with iOS 12.1.4.
12 vulnerabilities, some low level
Project Zero totaled 12 different security vulnerabilities on iPhone. And to exploit these, as the source reports, hackers set up a fake website. Simply by visiting the latter with Safari on iPhone, the user could find themselves infected with malware, and even offer “root” access to hackers, the lowest level of access possible.
Thus, the criminals were able to recover a lot of data from their victims' iPhones, such as photos, messages and even their password. Moreover, everything was done without the user even being able to realize the attack in progress on their machine.
iOS versions 10, 11 and 12 affected
For at least two years, according to the Google report, the flaws revealed could have been exploited in this way. They are present in iOS 10, iOS 11 and iOS 12, up to version 12.1.4.The latter was published by Applelast February and aimed to fix another major security issue related to FaceTime.
But after the warnings secretly made by Google to Tim Cook's firm, it would also have included in the update all the necessary fixes to resolve the flaws thus disclosed, without delay.
The Cupertino company would have acted urgently to deal with the problem. There was only a 7 day gap between the reveal of Google Project Zero and the release of the update. Generally, Google gives developers 3 months to fix computer vulnerabilities found in their software. This is good proof of the severity of the flaws detailed above affecting the iPhone.
i-nfo.fr - Official iPhon.fr app
By : Keleops AG
Editor-in-chief for iPhon.fr. Pierre is like Indiana Jones, looking for the lost iOS trick. Also a long-time Mac user, Apple devices hold no secrets for him. Contact: pierre[a]iphon.fr.
