Yes, you have to update your Apple devices again, because spyware is bad



Apple on Thursday released urgent security updates for iPhones, iPads, Macs, Apple Watch, and Safari users to patch against three vulnerabilities that Apple says are being actively exploited.

The three vulnerabilities include a flaw in WebKit, the browser engine that powers Safari; a certificate validation bug that can allow a malicious app to run on an affected device; and a third bug that can be used to get broader access to the kernel, the core of the operating system. These three vulnerabilities form part of an exploit chain, where the bugs are used together to gain access to a target’s device.

The bug fixes come just days after the release of iOS 17, which includes a range of new security and privacy features aimed at limiting the risk from cyberattacks, such as spyware.

For its part, Apple said it is only aware of active exploitation targeting users running iOS 16.7 and earlier. Apple back-ported the bug fix to iOS 16.7, as well as older versions of macOS Ventura and Monterey, and watchOS.

The bugs were discovered by Maddie Stone, a researcher at Google’s Threat Analysis Group, which investigates state-backed threats, and Citizen Lab’s Bill Marczak. In blog posts published Friday, both Google and Citizen Lab confirmed that Apple’s latest updates were to block an exploit used to plant the Predator spyware on the phone of an Egyptian presidential candidate.

Predator is spyware developed by Cytrox, a subsidiary of Intellexa, that can steal the contents of a person’s phone once planted, often by way of spoofed text messages pointing to malicious websites. Both Cytrox and Intellexa were added to a U.S. government denylist earlier this year, effectively banning U.S. companies from doing business with them.

This is the second high-profile security update dropped by Apple this month. Earlier in September, Citizen Lab said it discovered evidence of a zero-click vulnerability being used to plant the Pegasus spyware, developed by NSO Group, on an iPhone that was fully up-to-date at the time. The target was a person working for an unnamed Washington-based organization.

The vulnerability was used as part of an exploit chain that Citizen Lab named BLASTPASS, because it involved PassKit, a framework that allows developers to include Apple Pay in their apps.

Marczak, who was speaking at TechCrunch Disrupt on Thursday, said this vulnerability resulted from a failed attempt to hack this U.S.-based victim’s device.

“Because this attempt failed, the remnants of this zero-click exploit were left over on the phone,” Marczak said. “In this case, the root of the vulnerability was a bug in Google’s WebP image library, which is integrated into the iPhone. Attackers found some way to exploit this to run arbitrary code within Apple’s iMessage sandbox to install spyware on the system.”

Update your devices today.


Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.
