Google security researchers have found six critical flaws with iMessage that can compromise the user’s phone without him even interacting with the device. These vulnerabilities fall into the “interactionless” category. Luckily, five of them have been patched with the iOS 12.4 update.
Four of the vulnerabilities require the attacker to send an executable code on iMessage and once the victim opens the message, the code will run. The other two are memory exploits.
As of now, five of them are fixed while the last one remains a secret until Apple patches it. We strongly recommend updating to iOS 12.4 if you haven’t already. Good thing that security researches took a hold of the vulnerabilities before anyone else because as ZDNet reports, some will pay millions to use the exploits before Apple is able to patch them.