Security researchers at Google have discovered six vulnerabilities in iOS. All six vulnerabilities were patched last week with Apple’s iOS 12.4 release. So, update your phone.
The flaws, which were first discovered by Google Project Zero security researcher Natalie Silvanovich, are “interactionless,” meaning that potential hackers can exploit the vulnerability without any user interaction. According to Google researchers, four of the six bugs can lead to the execution of malicious code on a remote iOS device.
Details about the bugs can be found in the linked reports: CVE-2019-8647, CVE-2019-8660, CVE-2019-8662, CVE-2019-8624, and CVE-2019-8646. Apple did not reveal details about one of the bugs (CVE-2019-8641) because the iOS 12.4 update did not completely resolve the issue.
According to ZDNet, if the six bugs were sold on the exploit market, they would have bought in over $5 million.