New vulnerabilities (described as ‘numerous’) have been detected in Apple’s Image I/O, impacting on MacSecurity and iPhone functionality. This comes following news that every iPhone running a version of iOS 6 or newer is vulnerable to remote attacks, which was reported on Digital Journal following detection by cybersecurity experts at ZecOps, comes information data unveiled by Google’s Project Zero team.
According to Forbes, the new vulnerability is dubbed ‘Fuzzing ImageIO’. This can lead to security gaps relating to media files sent over messaging platforms.
Full details have not been specified, since Google’s Project Zero has a policy over not disclosing the actual nature of security flaws. Instead the Google’s security analysts (who specialize in finding zero-day vulnerabilities) have contacted Apple directly.
In response, Apple has stated it has addressed the flaws in its latest platform updates. In terms of the risk to consumers, however, this very much depends on whether people update to the latest versions of iOS and macOS and have appropriate cybersecurity measures in place.
There’s a ‘Catch-22’ situation otherwise: the vulnerability can introduce a serious crash bug, which renders users unable to download and install the required updated. To overcome this dilemma, Apple are apparently fast-tracking the release of iOS 13.5 together with patches suitable for Macs and iPhones.
