Shortly before its big autumn event, Apple released updates for iOS and its offshoots as well as the macOS desktop system. These should be installed as quickly as possible, as they counteract one of the most perfidious malware.
You don’t get any new features with the updates, which should reduce the power a bit. Even so, the updates to iOS 14.8, iPadOS 14.8, WatchOS 7.6.2, and macOS Big Sur 11.6 are of great importance. Because, according to Apple, the security patches that are rolled out here are directed against vulnerabilities that are already actively exploited by malware.
At its core, this is primarily about newly identified security gaps that belong to the ForcedEntry problem that has been known for some time. This was already described in August by the Canadian Citizen Lab, whose work mainly deals with government hacking methods. Back then, they found what they were looking for by analyzing an iPhone belonging to an activist from Bahrain who was spied on by government agencies.
The ForcedEntry vulnerabilities are used by the Israeli company NSO Group to smuggle Pegasus malware onto Apple devices. The state trojan is supposed to give the respective authorities and secret services almost complete control over an infected device so that the users can be spied on as much as possible.
The developers at NSO have succeeded in developing exploits that also circumvent Apple’s latest security technologies, which were introduced in iOS 14 under the name BlastDoor. The currently closed gap was found in the functions for rendering images on the display of the respective devices, which can ultimately be exploited via a message sent to the smartphone.
The latest update is likely to cause enormous economic damage for the NSO Group. The development or purchase of exploits against the vulnerability in question definitely requires significant investments. If the vulnerabilities found and exploited for the Pegasus malware are quickly patched, millions of dollars can quickly be wasted.
Web Desk is the news author at Research Snipers which mainly covers Technology News, Microsoft News, Google News, Facebook, Apple, Huawei, Xiaomi, and other tech news and served by Research Snipers Staff and editors.