Apple released an emergency security update on Monday after it was revealed that Israeli cyber intelligence firm NSO Group’s Pegasus software spyware could infect iPhones and other devices without even a single click.
why it matters: The fix comes a day before the company is expected to present its latest crop of iPhones at a press event. The company makes the security and privacy of its smartphones among its key selling points.
big picture: Security flaw was discovered by researchers civil laboratory, who found that a Saudi worker’s phone had been infected with Pegasus spyware via iMessage.
- The device was hacked via iMessage via a “zero-click” method, which allowed it to remain undetected in the worker’s device since February, according to Washington Post.
- The same security flaw would allow the software to infect other Apple iPhones, watches and MacBooks per post.
an Apple spokesperson told the New York Times That it plans to add new spyware barriers in its next software update later this year.
- The Times writes that Apple’s security team has been “working round the clock to develop a fix” since Tuesday.
What are they saying: Evan Kristic, Apple’s Head of Security Engineering and Architecture, said in a statement, “After identifying a vulnerability used by this exploit for iMessage, Apple rapidly developed and developed a solution in iOS 14.8 to protect our users. Fixed deployed.”
- “Attacks such as the one described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,
- “While this means they do not pose a threat to the overwhelming majority of our users, we continue to work tirelessly to protect all of our customers, and we are continually adding new protections to their devices and data.”
Be smart: “Users of mobile and computing platforms need to make checking for security updates part of their weekly, if not daily routine,” Steve Turner, an analyst at tech consulting firm Forrester, wrote in a note emailed to Nerdshala.
state of play: NSO Group’s Pegasus software has become a valuable tool for governments to spy on journalists and critics, an international consortium of investigative journalists revealed earlier this summer.