Apple has released a software update to prevent “zero-click” malware from infecting iPhones and iPads.
The weakness, which allows hackers to access devices via the iMessage service even if users do not click on a link or file, was discovered by independent researchers.
According to the experts, the issue impacts all of the technology giant’s operating systems.
The security update was released in response to a “maliciously constructed” PDF file, according to Apple.
The Citizen Lab at the University of Toronto had previously discovered evidence of zero-click malware, but “this is the first one where the exploit has been captured so we can figure out how it works,” according to researcher Bill Marczak.
The previously undisclosed vulnerability, according to the researchers, affects all key Apple products, including iPhones, Macs, and Apple Watches.
Citizen Lab also claimed that the security flaw was used to install spyware on a Saudi activist’s iPhone, and that it had high confidence that the assault was carried out by the Israeli hacker-for-hire business NSO Group.
NSO did neither confirm or deny that it was behind the malware in a statement to the Reuters news agency, stating simply that it will “continue to help intelligence and law enforcement organizations across the world with life-saving technology to fight terror and crime.”
Although the finding is noteworthy, security experts say that most owners of Apple devices need not be alarmed because such assaults are generally highly targeted.
After learning of a report that the weakness “may have been actively exploited,” Apple delivered the iOS 14.8 and iPadOS 14.8 software fixes, according to a blog post.
The news came as the tech giant was preparing to reveal new products at its annual launch event on Tuesday.
Apple is anticipated to announce new iPhones, as well as upgrades to its AirPods and Apple Watch.
A Deeper Analysis
Apple’s iMessage is one of the most secure messaging applications on the market, but it obviously had a severe flaw that was discovered and exploited by a hacker team.
Apple, which prides itself on having a secure and safe system, will be embarrassed by the revelation.
The news might further tarnish NSO Group’s image, which has already been tarnished by recent allegations of extensive spying on innocent individuals.
It also proves that no gadget is completely secure if a motivated, well-funded team wants to hack it and is paid handsomely enough to do it.
The general consensus is that iOS users should upgrade their device’s security software as soon as possible to close the security flaw.
However, the chances of becoming a victim of this pricey and highly skilled hacking are slim for the great majority of consumers.