Google’s Project Zero research team discovered several vulnerabilities in an imaging parsing code which could impact iPhone and Mac devices. This follows recent news that every iPhone using a version of iOS6 or newer is susceptible to remote attacks as reported on Digital Journal and detected cybersecurity experts at ZecOps (a cybersecurity automation startup). Apple is pushing forward software updates for iOS and Mac OS.
Imaging parsing is where the software can recognize or segment objects in an image. The vulnerability, called ‘Fuzzing ImageIO’ (as reported by Forbes) can lead to gaps in security when media files are sent over different messaging platforms. Unfortunately for the public, Google’s Project Zero has a non-disclosure policy so the full nature of the security flaws may never be known. However, Google analysts have informed Apple directly.
Apple has addressed the problems within the latests updates, but consumers will need to make efforts to update their devices to the newest iOS and Mac OS. However, another issue is ‘Fuzzing ImageIO’ can cause a serious crash bug, making it impossible for users to download and install the required update.
This all falls on the heels of multiple concerning issues with Apple, its privacy issues, and seemingly random practices. Such as their sexist credit cards, their issues with third party sellers and repairs, the fact they want to genetically test their employees, or that they don’t want your feedback. These actions and situations don’t paint a pretty picture and this new ‘Fuzzing ImageIO’ security leak is just the top layer of problems.
Forbes has found that every iPhone running the iOS 13.4.1 software is susceptible to crashing, and can often lock up the device. Anyone can spark a crash by sending a specific combination of characters in the Sindhi language to other’s iPhone in Message or Mail apps. iPads, Apple Watches, and Macs can be affected as well. Apple is making efforts to fast-track iOS 13.5 version with patches to fix the problem.