From theguardian.com
Apple users are being warned to exercise particular caution over their cybersecurity for the next few days, after the company mistakenly reopened a security flaw in the latest version of iOS.
In iOS 12.4, released last month, Apple fixed a number of security bugs, as well as enabling support for the Apple Card in the US. But in doing so, the company accidentally reversed a security fix it had previously patched in iOS 12.3 at the end of April.
That vulnerability, discovered by Google’s bug-hunting team Project Zero, theoretically allows “a malicious application … to execute arbitrary code with system privileges”. In other words, if exploited, a malicious application can gain complete control over an iPhone – a dream for hackers and spies the world over.