Read more: Check if your iPhone is infected with Pegasus spyware with this free toolĬitizen Lab, based at the University of Toronto, says it determined NSO used the vulnerability to remotely infect devices with its Pegasus spyware, adding that it believes the exploit has been in use since at least February. According to Citizen Lab, the zero-day, zero-click exploit against iMessage, which it nicknamed ForcedEntry, targets Apple’s image rendering library and was effective against the company’s iPhones, laptops and Apple Watches. The security fix, earlier reported by The New York Times, stems from research done by a public interest cybersecurity group called Citizen Lab that found a Saudi activist’s phone had been infected with Pegasus, NSO’s best-known product.
APPLE SECURITY UPDATE CLOSES SPYWARE IWATCHES FOR FREE
The company used the event to say that iOS 15 and iPadOS 15 would generally be available for free download starting Sept. The patches came a day before Apple’s splashy fall event that introduced new versions of iPhones and iPads, along with the latest Apple Watch. “Apple is aware of a report that this issue may have been actively exploited.”Īpple also released WatchOS 7.6.2, MacOS Big Sur 11.6 and a security update for MacOS Catalina to address the vulnerability.
“Processing a maliciously crafted PDF may lead to arbitrary code execution,” the note read.
13, Apple released security updates for its iPhones, iPads, Apple Watches and Mac computers that close a vulnerability reportedly exploited by invasive spyware built by NSO Group, an Israeli security company.Ī security note for iOS 14.8 and iPadOS 14.8 said some harmful PDFs could take advantage of Apple’s popular operating systems. Apple’s newest iPhone operating system is set to land on Monday, but iPhone users should still use the weekend to update their phones before it drops, in order to install a critical security patch.