Thursday, December 16, 2021

Project Zero on the iMessage zero-click exploit

Three months after Apple released the patch for the exploit, the Project Zero team have released a fabulous detailed description of how it worked: A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution.

The Project Zero team, who most certainly have seen it all, dryly observe:

Based on our research and findings, we assess this to be one of the most technically sophisticated exploits we've ever seen

This is an extraordinarily interesting article, well worth a read. (And note that it's only part of the overall explanation; the Project Zero team promise further details in the future.)

They provide a wealth of background links and reference material as well.

Highly recommended.

No comments:

Post a Comment