Two members of Project Zero, Google’s elite bug-hunting team, have published details and demo exploit code for five of six “interactionless” security bugs that impact the iOS operating system and can be exploited via the iMessage client.
All six security flaws were patched last week, on July 22, with Apple’s iOS 12.4 release.
Details about one of the “interactionless” vulnerabilities have been kept private because Apple’s iOS 12.4 patch did not completely resolve the bug, according to Natalie Silvanovich, one of the two Google Project Zero researchers who found and reported the bugs.
Four bugs lead to no-user-interaction RCEs
According to the researcher, four of the six…