Zero-day vulnerabilities in Apple products. iPhone, iPad, Mac, Apple Watch update now!
iOS 15 and iPad OS 15 are out on the 20th, but wait no more!
Apple has urgently released a patch to fix the vulnerability of NSO Group's most deadly spyware, Pegasus, which terrorized journalists and activists around the world by intruding and monitoring with zero clicks. . If you have an iPhone, iPad, Mac, or Apple Watch, update now. It's a scary hole!
Applicable models
Applicable models are iPhone 6s and later, iPad 5th generation and later, iPad Pro all models, iPad Air 2nd generation and later, and iPad mini 2nd generation. 4th generation or later, iPod touch 7th generation, etc. Check the version information of the currently installed OS, and if it is the latest OS (iOS 14.8, iPad OS 14.8, watchOS 7.6.2, macOS Big Sur 11.6), it is OK, but if not, follow the official update procedure. You can update it by
Discovered by the University of Toronto
This latest zero-day vulnerability (CVE-2021-30860) was discovered by the Security Research Team at the University of Toronto Citizen Lab. We waited for the release of the patch and decided to disclose the details of the vulnerability.
The BlastDoor function that prevents iMessage zero-click attacks has been added to the iPhone 14 and solved! That's what I thought, but when I inspected an iPhone infected with Saudi Arabian civil activist Pegasus, it turned out that even this BlastDoor had been breached. It turns out that the risky state of being invaded just by receiving an invisible malware-laden message via iMessage continues.
What happens if it is invaded?
Once compromised, anything a user can do can also be done by an outside intruder. SMS, emails, and calls will all go unnoticed. At this point, no matter how much you end-to-end encrypt your communications with apps like Signal or Telegram, NSOs can freely collect the information they want and hand it over to their customers.
Apple just quietly made changes to its iOS 14.5 code back in February to make it more difficult for zero-day attacks...but it's going to take a long time...
Advertisements