Skip to main content

Apple just fixed an iMessage bug that researchers called easily exploitable

Your chat history on iMessage just went through a period when it was not altogether safe, but now, all wrongs have been righted thanks to an OS X update. A major issue in iMessage was recently fixed by Apple, preventing hackers and other ne’er-do-wells from pulling victims’ message histories.

It turns out that, prior to the fix, hackers had the ability to send iMessagers special links that, when clicked, granted access to the otherwise encrypted messages sent between iPhone users. In fact, so simple was the vulnerability that security researchers at Bishop Fox said that, “You don’t need a graduate degree in mathematics to exploit it, nor does it require advanced knowledge of memory management, shellcode, or ROP chains.” But now, Apple has addressed the issue, and your correspondence is safe once more.

Recommended Videos

While the problem has been addressed, it does nothing for the security reputation of Apple, who has recently had their iPhone hacked by the FBI as well as by researchers at John Hopkins, who published their own findings on iPhone vulnerabilities just a few weeks ago. This latest hole was discovered by researchers Joe DeMesy and Shubham Shah of Bishop Fox, along with Matt Bryant of Uber’s security team. The trio told Apple before they told the public, and thus far, there’s no evidence to suggest that any iMessage user fell victim to an attack as a result from the security flaw.

According to VentureBeat, an iMessage attack of this nature would have relied upon “javascript code in place of an iMessage URL in a classic cross-scripting attack.” The vulnerability was addressed with the CVE-2016-1764 update, which went into effect last month, so users now have no reason to worry. Of course, any sort of security flaw within Apple generally causes some sort of ruckus, but the company has yet to respond to requests for comment. In the meantime, however, rest assured that the latest version of Apple’s software contains no such holes — so if you haven’t yet updated, hop to.

Lulu Chang
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Apple just dropped a new watch band and wallpapers for Pride 2025
Apple Pride 2025 collection.

Apple just announced its "2025 Pride Collection," which includes a new Sport Band for Apple Watch, a dynamic watch face, and a dynamic wallpaper that will be available for iOS and iPadOS. The watch band is available to order from today and the watch face/wallpapers will drop in upcoming software updates.

Apple has been releasing special edition watch bands for Pride Month for almost a decade now, each with a different take on the rainbow/multicolored design. This year's is pretty straightforward, making use of bold stripes of color just like actual pride flags.

Read more
Apple could finally fix Siri on iPhones with help from Google’s Gemini
Gemini Live on an iPhone.

“Find me a decent coffee shop where I can sit and get work done?” I uttered into my iPhone’s mic. 

“I’ll need to use ChatGPT to write that.” That was Siri’s response in my interaction with Apple’s voice assistant just over a week ago. Google’s Gemini assistant helped me the way I expected it to. 

Read more
Apple just released the iOS 18.5 beta, and what’s not coming is clear
iOS 18 logo on the iPhone 16 Pro

Apple has only just released iOS 18.4 to the public and mere days later it is already starting to give access out for the next update in iOS 18.5.

Apple has begun seeding the latest iOS 18.5 beta 1 to those with compatible devices that allow for access. So mostly developers then.

Read more