We all know very well that the tech giant Google has a team known as Threat Analysis Group (TAG), and recently, it has identified several pages that have exploited flaws of iOS. The consequences were alarming, as iPhone could be hacked simply to steal user data like WhatsApp photos or messages or installing spy tools and much more.
However, in a blog post on Project Zero, of course, it’s a program which was created by the tech giant Google itself in 2014 with the proposal to uncover security holes to make the web more secure, the company’s researchers reveal the discovery of five attack chains involving at least 14 security holes.
Of course, it’s all about the security that affected everything from iOS 10 to iOS 12. These attack chains generally gave attackers root access to the operating system.
Among all these things, there are 14 flaws that are identified, seven were related to Safari, five affected the kernel, and the other two involved sandbox instances, of course, it is a protected area that limits the application access to certain features for security objectives.
With root access, the attackers could easily install any applications to monitor the user, access messages from the instant messaging services like WhatsApp and iMessage, get access to photos, get real-time geolocation data, and much more.
The worst part is that the user did not need to perform any specific actions, as simply by accessing malicious pages was enough for exploits to take action, and if successful, the user’s iPhone could be hacked.
However, the tech giant Google estimated that these sites have received thousands of visits. As it always does, the tech giant Google has already reported the vulnerabilities to the tech giant Apple. And the Project Zero team typically sets a time limit of 90 days after notification for the responsible company to make corrections available, otherwise, the tech giant Google will raise a public alert about the issue.
But because of this very serious flaw, the tech giant Google has already given a deadline of just seven days. And the tech giant Apple was already notified on February 1, 2019, and released the fixes on February 7 with the release of iOS 12.1.4.
Although the tech giant Apple acted promptly after the notification, but, the fact is that all these issues took a long time to correct. While the TAG estimated that the faults have been exploited for at least two years.
There are no estimates of how many users would have been affected, but what matters most is the vulnerabilities that have been now mitigated, hence, the tech giant Google has concluded that this is a good time to discuss about them and their effects.
So, what do you think about this? Simply share all your views and thoughts in the comment section below. And if you liked this post then simply do not forget to share this post with your friends and family.