Google security researchers have discovered a total of six vulnerabilities in Apple's iOS software, of which an iPhone manufacturer has yet to clear. ZDNet reports that the bugs were discovered by two Google Project Zero scientists, Natalie Silvanovich and Samuel Groß, and five of them were updated with last week's iOS 12.4 update, which contained several security fixes.
All of the vulnerabilities that researchers discover are "interactionless," which means they can be run without user interaction, and they exploit a vulnerability in the iMessage client. Four of them (including the vulnerability that have not yet been broadcast) depend on an attacker sending a message containing malicious code to an unsigned phone, and can run as soon as a user opens the message. The remaining two are dependent on memory utilization.
Details of the five updated bugs have been published online, but the final error will remain confidential until it can be addressed by Apple. Anyway, if you haven't updated your iPhone to iOS 1
We are fortunate that these vulnerabilities were discovered by security researchers who had no interest in exploiting them for their own benefit. ZDNet notes that errors like these are priceless for cutting tool manufacturers and monitoring software, and the right buyer is likely to pay millions for access to them before Apple can repair the software for defense. By revealing these bugs to Apple, these security researchers have done a service to iOS users around the world.