iOS security patch issued to protect devices from spyware

iOS security patch issued to protect devices from spyware

HomeGuides, How ToiOS security patch issued to protect devices from spyware

Apple has released a security update that all iPhone and iPad users should download as soon as possible.

ChannelPublish DateThumbnail & View CountActions
Channel AvatarPublish Date not found Thumbnail
0 Views

On Thursday afternoon, the company began rolling out iOS 16.6.1. The update fixes a zero-day vulnerability that, according to the University of Toronto's Citizen Lab, had been actively exploited by Israel's NSO Group to infect devices with its Pegasus spyware. "Processing a maliciously crafted image could lead to the execution of arbitrary code," Apple says of the vulnerability on its support page for iOS 16.6.1.

Citizen Lab first discovered the vulnerability, called Blastpass, last week when it examined the device of an individual associated with a "civil society organization with international offices" based in Washington DC. "The exploit chain was able to compromise iPhones running the latest version of iOS (16.6) without any interaction from the victim," the research team said. The exploit involved PassKit, a code suite that Apple offers to developers who want to integrate Apple Pay functionality into their apps. Citizen Lab said it would share more information about the exploit in the future. According to Apple, iOS 16's Lockdown Mode can block Blastpass.

"We encourage anyone who may be at increased risk because of who they are or what they do to activate Lockdown Mode," Citizen Lab said. "We commend Apple for their prompt investigation response and patch cycle, and we acknowledge the victim and their organization for their cooperation and assistance."