Google Project Zero security investigators made a detailed post about a security breach in iPhones. These flaws, or exploits, consist of websites that, when visited, can install malware on the devices.
According to one of the investigators, it was enough to visit one of the malicious sites once to have the iPhone infected with harmful software. Google further reinforces that sites have been visited thousands of times a week over the years.
As a rule, Google has a period of 90 days before disclosing such flaws to the public. This is a security measure that allows the company (in this case Apple) to correct errors without them becoming generally known.
Investigators discovered 12 different security holes
During the investigation, the Project Zero team discovered several 12 distinct flaws that allow iPhones to 'get infected'. Seven of these were found in Safari, the browser preinstalled on all iPhones.
These flaws are used to discover users' locations or even steal photos stored on the device. However, the worst part is that hackers can also have access to saved passwords.
Apple fixed crashes with iOS 12.1.4
The latest version of iOS reportedly fixed and blocked such attempts. However, one of Google's investigators, Ian Beer, claims that possibly the flaws are still active in one form or another.
Apple pays up to $ 1 million for fault finding
Recently, Apple has increased the reward value for those who find security holes in iOS. More specifically, glitches that allow administrative access to iPhone without the user noticing. The apple company pays up to $ 1 million to the most efficient researchers.
EBox editors recommend: