Google security team blames iOS for another series of security flaws

Sina Technology News Beijing time on the evening of April 29, according to foreign media reports, Google’s security team Project Zero has once again picked fault for Apple, announcing a series of basic vulnerabilities that may provide an entry point for hackers.

Last July, the Project Zero team announced six “no interaction” security flaws affecting iOS. 4 of these 6 security flaws can lead to malicious code execution on remote iOS devices without user interaction. The fifth and sixth vulnerabilities allow attackers to leak data from device memory and read files from remote devices, again without user intervention.

This time, the timing of Google’s announcement of these vulnerabilities is also appropriate. Over the past week, Apple has had two security issues in the spotlight. For example, a security report claimed that a maliciously crafted email could crash Apple’s own Mail app while opening a backdoor for further attacks, and then a viral text bomb, of course.

What these problems have in common is that basic system processing may be exploited. By triggering unexpected software responses on the device, normally locked controls can behave unpredictably, opening the door to attacks.

That’s also the subject of a report released yesterday by Google’s Project Zero team, which revealed a slew of new vulnerabilities. Google said it reported the bugs to Apple or their respective responsible parties, and they have now been fixed.

For users, if they update their operating system as usual, they are protected. But this time is different, with Google warning that even if the flaws alone are not enough to enable takeover of a device or lead to a serious data breach, they can still be exploited remotely if hackers put in the effort.

For Apple, it is definitely hoped that the security disclosures of these days will end soon, especially since these vulnerabilities have been fixed. However, shaken user confidence is another problem. For Apple, which markets using the security of its platform, that’s certainly not a glamorous thing to do.

The Links:   LMG5278XUFC-A CM50E3Y-24E LCD-SOURCE

Related Posts