2023-09-10 08:17:17
Apple called on its users to update their products to protect once morest the “Pegasus” spyware developed and sold by the Israeli company NSO, following it infiltrated the devices without user intervention.
This comes following researchers at Citizen Lab at the University of Toronto discovered a security vulnerability, recommending that devices be updated to the latest package released by Apple on Thursday, according to the Metro newspaper website.
Citizen Lab, which investigates government malware, explained that victims can be targeted by spyware without clicking or opening any attachments, saying: “The exploit chain was able to compromise iPhones running the latest version of iOS 16.6 without any interaction from the victim.” “.
In turn, Apple stated that one of the bugs, tracked as “CVE-2023-41064,” allowed iPhones, iPads, Macs, and Apple Watches, among other devices, to be vulnerable to attack when processing a “maliciously created image.”
The company explained that the other error was called “CVE-2023-41061,” and it might make devices vulnerable if they received a “maliciously prepared attachment.”
It revealed that it is “aware of a report that this issue may have been actively exploited,” without further comment on the two bugs.
Pegasus is a tool commonly used by government systems to target dissidents, journalists, and politicians, so ordinary users likely have nothing to fear, but Citizen Lab recommends keeping devices updated.
This is not the only time that Apple has revealed similar errors. Last June, it fixed two security vulnerabilities.
In November 2021, Apple sued the NSO Group and its parent company for targeting iPhone users with a hacking tool.
Pegasus can hack into both iPhone and Android devices, allowing operators to extract messages, photos, emails, record calls and secretly turn on microphones and cameras.
1694335101
#Apple #launches #security #update #vulnerabilities #exploited #Israeli #Pegasus #program