iOS 14.8 Urgent Security Update Fixes This Critical Flaw

google-follow
- Updated: 14th Sep 2021, 06:32 IST

Apple issued emergency software updates for a vulnerability in its products. The new iOS 14.8 will fix a weakness that can let the Pegasus spyware infect your devices. It creeps even without users clicking on a malicious message or link. Moreover, this new update comes with a warning to its users to update now. It also helps as its security only upgrade for two vulnerabilities that Apple believes can be used.

Also Read: AirPods 3 May Launch Alongside Apple iPhone 13 Series During ‘California Streaming’ Apple Event

This update comes after security researchers uncovered a flaw. This flaw allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, iPad, Apple Watch or Mac computer. That too, without so much as a click. After the discovery, Apple’s security team had worked around the clock to develop a fix. This fix comes in the form of iOS 14.8 for its users.

What security issues does iOS 14.8 fix?

According to the company, the iOS 14.8 – the first security issue is a vulnerability in Apple’s CoreGraphics framework. This is where processing a maliciously crafted PDF could allow an attacker to execute code. The new update will fix the issue within the software.

Apple

Meanwhile, the second security hole fixed in iOS 14.8 is in the Apple WebKit browser engine. This is where processing malicious web content could also allow an adversary to execute code. The new update will fix the issue within its software.

Also Read: Apple California Streaming Event Likely Not to Bring Macs and iPad: Report

No click needed spyware

To recall, researchers at Citizen Lab, a cybersecurity watchdog organisation in Canada, found the problem. They found it while analysing a Saudi activist’s phone that had been compromised with the code. This spyware used a novel method to invisibly infect Apple devices without victims’ knowledge. It is famously known as a “zero-click remote exploit”. It is considered the Holy Grail of surveillance. This is because it allows governments, mercenaries and criminals to secretly break into someone’s device without tipping the victim off.

Also Read: Realme C25Y Launch Date in India Confirmed

Moreover, Pegasus has become more effective since it was uncovered. Pegasus can turn on a user’s camera and microphone, record messages, texts, emails, calls — even those sent via encrypted messaging and phone apps like Signal — and send them back to NSO’s clients at governments around the world.



Comments