Apple Patches Bug that Allows Full Access to iMessage Data

By

Bad  Mac bug lets  attackers gain access to message content s  and attachments

Apple has patched a serious vulnerability in iMessage that allows attackers to gain remote access to a victim’s messages and attachments. The attack is targeted at a vulnerability in Mac OS X iMessage client.

Researchers at Bishop Fox write on the company blog, “You don’t need a graduate degree in mathematics to exploit it, nor does it require advanced knowledge of memory management, shellcode, or ROP chains. All an attacker requires is a basic understanding of JavaScript.”

Any attacker can target a user’s device by sending a simple message with a URL. Once the user clicks on the link from the OS X iMessage client, the attacker gains access to otherwise-encrypted messages and attachments.


Even if the exploit is for the Mac OS X iMessage client, iMessage on iOS devices is not safe. If a user has enabled SMS forwarding from an iOS device, the attacker also gains access to messages exchanged with the victim’s iOS device.

04/12/2016

Related content

  • Apple’s PQ3 Brings Post-Quantum Security to iMessage
    more »
  • News for Admins
    In the news: CIQ Offers Long-Term Support for Rocky Linux on AWS; Apple's PQ3 Brings Post-Quantum Security to iMessage; Google Open Sources Magika File-Type Detection System; Microsoft Announces Sudo for Windows; Linux Foundation Launches Post-Quantum Cryptography Alliance; Sys Admins Saw the Biggest Average Salary Increase in 2023, According to Dice; Use of Open Source Software Increased Significantly in 2023; Docker Build Cloud Announced; Wi-Fi CERTIFIED 7 Announced; EU Commissions Nostradamus Project for Quantum Testing; and NIST Identifies Main Types of Adversarial Machine Learning Threats, GitLab Announces Critical Security Releases.
    more »
  • Lead Image © Ildar Galeev, 123RF.com
    Targeted attacks on companies
    Watering hole and spear phishing targeted attacks offer the greatest rewards to cybercriminals. Here's how to protect your company from these types of attacks.
    more »
  • Apple’s High Sierra Bitten by Root Bug
    more »
  • Gernot Krautberger, Fotolia
    News for Admins
    News for system administrators around the world.
    more »
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Most Popular

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”> </a> <hr> </div> </div> <div class=