Have iPhone? Beware! Ahead of Apple event 2021, warning issued to owners
Just ahead of the Apple event 2021, iPhone users must update their mobiles immediately to remain protected from malicious attackers.
Ahead of the Apple event 2021 scheduled for September 14 evening in India, when the company is expected to launch its latest iPhone 13 series, the company has released a software update to iOS 14.8, fixing bugs and security flaws on the current version of its iPhone operating system. As part of the iOS 14.8 update, Apple has thanked security researchers at Citizen Lab for helping the company identify and fix a security flaw that could have allowed the alleged installation of spyware on devices owned by lawyers, journalists and activists, without requiring them to even interact with their phones – also known as a zero-click exploit.
According to a report by The Verge, the vulnerability was called ‘ForcedEntry' by the security researchers at Citizen Lab, after they discovered that iOS 14.6 on iPhones had a security flaw in its CoreGraphics system that was affected after receiving a message with a malicious attachment. Citizen Lab had previously revealed that the attack was used to install the Pegasus malware on a user's device using this zero-click exploit, by sending a maliciously crafted file.
Also read: Looking for a smartphone? Check Mobile Finder here.
After a user's phone sent a maliciously crafted attachment (like a PDF) the phone would be infected with the malware and hackers could steal user data and passwords – or even turn on the camera and microphone remotely. Apple was able to fix the issue thanks to a sample of the malicious file that was provided by Citizen Lab on September 7, after it reanalysed a backup taken from an activist's hacked phone, according to the report.
The iOS 14.8 update means that it is important for all iPhone users to quickly download and update their iPhone to iOS 14.8 as soon as possible. Apple has included details of the security fixes that were issued days after they received the sample from the security researchers, and the company has credited Citizen Lab with helping fix the issue, according to the report.
The company has also credited an anonymous researcher with fixing a security issue with the WebKit browser engine that affects both iOS 14 and macOS Big Sur 11, which it believes could have been exploited in the wild. Along with iOS 14.8, Apple has also released updates to watchOS 7.6.2 and Big Sur 11.6 as well, and users should download these updates as well, to protect themselves from attackers online.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.