Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Two vulnerabilities patched in iOS 12.1.4 were exploited by hackers, Google researcher says

Mikey Campbell |

Last updated

A pair of iOS bugs identified as resolved by Apple in its latest iOS 12.1.4 release were successfully exploited by hackers, according to a Google researcher who shared details of the zero-day vulnerabilities on Thursday.

Apple's latest iOS 12.1.4 release, issued earlier today, contains fixes for Foundation and IOKit flaws that, according to security researcher Ben Hawkes, were used to hack devices in the wild.

As noted by ZDNet, Hawkes, leader of Google's Project Zero security team, shared the revelation on Twitter late Thursday, saying the iOS bugs were leveraged as zero-day vulnerabilities.

How, exactly, the vulnerabilities were exploited and by whom is unknown.

Both bugs were detailed in Apple documentation detailing security changes delivered with the iOS 12.1.4 package.

Logged with the identifier CVE-2019-7286, the Foundation flaw involves a memory corruption issue that could allow an app to gain elevated privileges in iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. An anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero and Samuel Groß of Google Project Zero were credited with finding the flaw.

The second bug, identified as CVE-2019-7287, also involves a memory corruption, but instead of granting elevated privileges it allows an app to executive code with kernel privileges on iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. The same researchers were credited with the find.

Apple released iOS 12.1.4 alongside a supplemental update to macOS Mojave to address the widely publicized FaceTime flaw that allowed interlopers to eavesdrop on Group FaceTime calls. The update also patched a Live Photos in FaceTime bug that was discovered after Apple conducted a "thorough security audit" of the service. Details of the Live Photos vulnerability have yet to be made public.

5 Comments

berndog 11 Years · 90 comments
About

Were these Google researchers and analysts hacking or reverse engineering iOS when they found these exploits? Also, why are they only complaining and going public now that the fix has been released?

gatorguy 13 Years · 24627 comments
About

berndog said:
Were these Google researchers and analysts hacking or reverse engineering iOS when they found these exploits? Also, why are they only complaining and going public now that the fix has been released?

The article isn't entirely clear on this point but the flaws appear to have been reported to Apple by Google and of course the reason not to discuss it in public until now is because Apple hadn't yet fixed it. You should do a few minutes of reading about Project Zero and Google Threat Assessment. They've helped Apple close a whole lot of security holes, Microsoft too. 

lkrupp 19 Years · 10521 comments
About

AppleInsider said:

How, exactly, the vulnerabilities were exploited and by whom is unknown.

Both bugs were detailed in Apple documentation detailing security changes delivered with the iOS 12.1.4 package.

That’s the 64 Thousand Dollar Question.  Saying the bugs were exploited and explaining how are two different things. iOS is the Walled Garden so were apps downloaded from the App Store that did the exploit or were they confined to jailbroken iOS devices? 

apple_badger 13 Years · 85 comments
About

lkrupp said:
AppleInsider said:

How, exactly, the vulnerabilities were exploited and by whom is unknown.

Both bugs were detailed in Apple documentation detailing security changes delivered with the iOS 12.1.4 package.
That’s the 64 Thousand Dollar Question.  Saying the bugs were exploited and explaining how are two different things. iOS is the Walled Garden so were apps downloaded from the App Store that did the exploit or were they confined to jailbroken iOS devices? 

Neither has to be the case: If the bugs are in iOS itself then *any* apps using the vulnerable code (if, for example, it’s in a library) have the potential to be the vector for exploitation. For example, if there is a security vulnerability in an image handling iOS library, any app that uses that library to deal with images can, if presented with a malicious image (let’s say hosted on a website), cause exploitation. I believe this has happened with both Safari and Messages in the past.

tadd 16 Years · 134 comments
About

lkrupp said:
iOS is the Walled Garden so were apps downloaded from the App Store that did the exploit or were they confined to jailbroken iOS devices? 

The vulnerability could also have been demonstrated using a developer application without the application ever having been submitted to the App Store.

Share Your Thoughts on our Forums ->
 

Sponsored Content

article thumbnail

How to stop spam calls and reclaim some sanity on your iPhone

Top Stories

article thumbnail

How Apple's smart home revolution begins in 2025

article thumbnail

AirPods Max four years later: a missed spatial computing opportunity

article thumbnail

Apple says EU interoperability laws pose severe privacy risks

article thumbnail

Don't believe what you see on TikTok - AirDrop doesn't allow thieves to steal your credit card info

article thumbnail

Holiday 2024 MacBook Buyer's Guide — Which Mac laptop you should buy?

article thumbnail

Holiday coupon: save up to $300 on every 14" & 16" MacBook Pro M4