iPhone / iPad Hack.
Your iPhone May Be Unsafe Due to a Four-Year-Old Contacts Bug That Hasn’t Been Fixed.
Security researchers have revealed that the iOS Contacts app could make your iPhone or iPad vulnerable to malicious attack. Speaking at the Def Con 2019 security conference in Las Vegas this week, researchers from Check Point demonstrated a rare vulnerability in iOS that could allow attackers to run malicious code on Apple devices. Here’s what you should know.
The vulnerability is in SQLite, an industry-standard database format. Essentially, it’s a technique that takes advantage of memory corruption issues in the format.
“SQLite is the most widespread database engine in the world,” Check Point said in a statement. “It is available in every operating system, desktop and mobile.” That includes the iOS Contacts app.
To put it another way, if you search for a contact in the Contacts app, you’re actually just using the SQLite format. The researchers found that they were able to replace just one component of the iOS Contacts app to gain the ability to run malicious code on an iPhone or iPad.
Click HERE [1] for the complete brief.
[2]