Apple issued emergency software updates for a vulnerability in its products. The new iOS 14.8 will fix a weakness that can let the Pegasus spyware infect your devices. It creeps even without users clicking on a malicious message or link. Moreover, this new update comes with a warning to its users to update now. It also helps as its security only upgrade for two vulnerabilities that Apple believes can be used.
Also Read: AirPods 3 May Launch Alongside Apple iPhone 13 Series During ‘California Streaming’ Apple Event
This update comes after security researchers uncovered a flaw. This flaw allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, iPad, Apple Watch or Mac computer. That too, without so much as a click. After the discovery, Apple’s security team had worked around the clock to develop a fix. This fix comes in the form of iOS 14.8 for its users.
What security issues does iOS 14.8 fix?
According to the company, the iOS 14.8 – the first security issue is a vulnerability in Apple’s CoreGraphics framework. This is where processing a maliciously crafted PDF could allow an attacker to execute code. The new update will fix the issue within the software.
Meanwhile, the second security hole fixed in iOS 14.8 is in the Apple WebKit browser engine. This is where processing malicious web content could also allow an adversary to execute code. The new update will fix the issue within its software.
Also Read: Apple California Streaming Event Likely Not to Bring Macs and iPad: Report
No click needed spyware
To recall, researchers at Citizen Lab, a cybersecurity watchdog organisation in Canada, found the problem. They found it while analysing a Saudi activist’s phone that had been compromised with the code. This spyware used a novel method to invisibly infect Apple devices without victims’ knowledge. It is famously known as a “zero-click remote exploit”. It is considered the Holy Grail of surveillance. This is because it allows governments, mercenaries and criminals to secretly break into someone’s device without tipping the victim off.
Also Read: Realme C25Y Launch Date in India Confirmed
Moreover, Pegasus has become more effective since it was uncovered. Pegasus can turn on a user’s camera and microphone, record messages, texts, emails, calls — even those sent via encrypted messaging and phone apps like Signal — and send them back to NSO’s clients at governments around the world.