A duo of Google security researchers found six critical vulnerabilities with Apple’s messaging app — iMessage — which they believe could potentially compromise a user’s phone without them even interacting with the device. The researchers categories the exploits as “interactionless” vulnerabilities.
Fortunately, five of these six vulnerabilities have been patched with the iOS 12.4 update. The sixth vulnerability remains a secret until Apple patches them. To at least get the five of the exploits out of you iPhone, we strongly recommend you to upgrade to iOS 12.4 if you haven’t already.
The research by Natalie Silvanovich and Samuel Groß, was first reported by ZDNet. The researchers said that four of the vulnerabilities in iMessage could lead to the execution of malicious code on remote iOS devices, without any significant user interaction. Which means all an attacker had to do was to deliver an infectious message and entice you to view it.
The other two vulnerabilities are apparently memory exploits.