A major loophole worth 10 million dollars! IOS 12.4 emergency repair of iMessage risk hero Google

Wang/Comprehensive Foreign News Report

Last week, Apple fixed five vulnerabilities in iMessage in iOS 12.4, and the hero behind these vulnerabilities was not Apple itself, but two members of Google's security team Project Zero. Recently, one of the members has released the details of four vulnerabilities and attack codes for demonstration, while the other one is kept secret because the update of iOS 12.4 has not completely solved the vulnerabilities.

According to a comprehensive foreign news report, Apple released a security update for iOS 12.4 last week, which did not significantly improve the function, but fixed 36 security vulnerabilities. Five of these vulnerabilities were discovered by Natalie Silvanovich and Samuel Gro, two researchers of Google Project Zero. ) * * * With the proposal. Including CVE-20 19-8647, CVE-20 19-8662, CVE-20 19-8660, CVE-20 19-8646 and CVE-20. On Monday (29th), Silvan Wiki published the details of four of them on Twitter.

According to the security content of iOS 12.4 released by Apple, CVE-20 19-8647 belongs to the problem of "releasing memory usage errors", which allows remote attackers to execute arbitrary code. Apple chooses to solve this problem by improving the memory management mechanism. On the other hand, CVE-20 19-8662 allows a remote attacker to trigger an "error in using released memory" in an application, thus deserializing the untrusted NSDictionary. Apple pointed out in the report that this problem has been solved by improving the inspection mechanism.

CVE-20 19-8646 is an out-of-bounds reading vulnerability, through which a remote attacker can leak memory; CVE-20 19-8660 and CVE-20 19-864 1 are both memory corruption vulnerabilities, and remote attackers can cause programs to suddenly stop or execute arbitrary programs. However, Sylvia Vicky has not released the details of CVE.

Silvan Wiki said that CVE-20 19-864 1, CVE-20 19-8647, CVE-20 19-8660 and CVE-201. A remote attacker only needs to send a malformed message to the victim's mobile phone. Once the user opens and looks at the received project, malicious code will be executed.

Hilvan Vicky will share details and demonstrate remote and interactive iPhone vulnerabilities at the Black Hat Security Conference in Las Vegas next week.

ZDNet, a technology website, quoted the price list of Zerodium, a vulnerability trading platform, and pointed out that, similar to the above vulnerabilities, the price of each item on the platform can reach more than $6,543.8+0,000. This means that Silvan Wiki can be said to have exposed vulnerabilities worth more than 5 million US dollars (about RMB 34510.5 million yuan), even reaching10.0 million US dollars. According to the estimate of Crowdfense, a vulnerability research company, these iOS vulnerabilities can easily be estimated to be between 2 million and 4 million US dollars, and the total value may be as high as1million to 24 million US dollars (about RMB 6,543.8+0,657.22 million).