Over 90 percent of Apple iPhone users are still vulnerable to bugs in iOS that can be remotely exploited without any user interaction via the iMessage client. Apple has fully patched five of six critical flaws revealed earlier this week by Google s Project Zero with the 12.4 iOS update. As of August 1 only 9.6 percent of enterprise devices have been updated, according to Wandera, senior director of systems engineering at Wandera. The code to exploit these vulnerabilities is publicly available, so anyone with a MacOS device and the phone number or iMessage account details of a victim could attack and spy on a target.
Source: https://threatpost.com/90-enterprise-iphone-users-imessage-spy-attack/146899/