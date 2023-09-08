Countries
Close
English English Portuguese Português (PT/BR) 한국어 Korean 한국어
Apple Rolls Out Update to Fix Zero-Day Bugs Linked to Pegasus Spyware
News

Apple Rolls Out Update to Fix Zero-Day Bugs Linked to Pegasus Spyware

Krishi Chowdhary Journalist Author expertise
Updated:

Apple Rolls Out Update to Fix Zero-Day Bugs Linked to Pegasus

Apple on Thursday released software updates addressing a couple of zero-day vulnerabilities that were used to deliver the NSO Group’s Pegasus spyware. At least one device has been compromised by the mercenary spyware by exploiting the zero-day bugs.

Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware.Citizen Lab cybersecurity researchers

Users Urged to Update Their Devices

Referred to as “BLASTPASS”, the exploit chain has been identified as a zero-day, zero-click vulnerability. This means it could be used to compromise iPhones running on the latest version of iOS, i.e., v16.6, without requiring any interaction from the victim.

Commenting on both bugs, Apple stated that it was already “aware of a report that this issue may have been actively exploited”.

The first vulnerability, which has been identified as CVE-2023-41064, rendered iPhones and other Apple devices like iPads, Macs, and Apple Watches vulnerable to attacks while processing maliciously crafted images. This bug specifically impacts the Image I/O framework.

The other bug, tracked as CVE-2023-41061, was found in the company’s Wallet function.

It would cause security issues when a “maliciously crafted attachment” is sent to the victim’s device. Citizen Lab revealed that they reported the vulnerabilities to Apple immediately and helped the tech giant investigate.

Acknowledging the Citizen Lab’s assistance, Apple urged users to immediately update their devices to the latest version of iOS. The patch fixing the bug for macOS Ventura, iOS, iPadOS, and watchOS devices was rolled out on Thursday.

Notably, Apple released the patch as a part of regular updates rather than a Rapid Security Response. The update will secure Apple devices owned by individuals, companies, and governments all over the world.

What Is the Pegasus Spyware?

The spyware delivered by exploiting the zero-day bugs, Pegasus, has been developed by Israel-based cyber-intelligence firm NSO Group Technologies.

Designed to infiltrate both Android and iOS devices, Pegasus has been widely used to spy on journalists, political leaders, and activists around the world since its initial development in 2011.

While an average person isn’t usually targeted using the Pegasus spyware, it’s a popular choice for spying on high-profile individuals.

Notable victims include human rights investigators in Mexico, members of the Catalan Independence Movement, and assassinated Saudi journalist Jamal Khashoggi.

Governments and intelligence agencies have been known to use this zero-click spyware to target various individuals, especially potential dissidents.

Regulators have recently been trying to stem the spread of the malicious spyware. Earlier this year, US President Joe Biden signed an executive order that blocks the use of Pegasus by the government. The EU, too, saw member nations being urged by the European Parliament to ban the spyware.

So far, the tech giant has patched as many as 13 zero-day vulnerabilities this year. Previously, in June, Apple fixed two other bugs that had been exploited to conduct a spyware campaign that the Russian government blamed on the US.

The campaign was detected by Moscow-based cybersecurity firm Kaspersky. Another zero-day bug forced Apple to roll out a Rapid Security Response patch in July.

Krishi Chowdhary Journalist

Krishi Chowdhary Journalist

Krishi is an eager Tech Journalist and content writer for both B2B and B2C, with a focus on making the process of purchasing software easier for businesses and enhancing their online presence and SEO.

Krishi has a special skill set in writing about technology news, creating educational content on customer relationship management (CRM) software, and recommending project management tools that can help small businesses increase their revenue.

Alongside his writing and blogging work, Krishi's other hobbies include studying the financial markets and cricket.

Most Popular News

1 Apple Rolls Out Update to Fix Zero-Day Bugs Linked to Pegasus Spyware
2 Top 20 Richest Women and the Routes to Their Fortunes
3 90+ Fascinating Information Technology Statistics for 2023
4 UNESCO Pushes for Regulations on Generative AI Use in Education
5 The Era of Bots: Education’s Reluctant Acceptance of AI-Powered Generation

Latest News

Top Richest Women Statistics
Statistics

Top 20 Richest Women and the Routes to Their Fortunes

Kate Sukhanova
tech facts and stats
Statistics

90+ Fascinating Information Technology Statistics for 2023

Jeff Beckman

Do you know that information technology is one of the global industries with the quickest growth? It has experienced remarkable growth in past years and is anticipated to triple its...

Generative AI
News

UNESCO Pushes for Regulations on Generative AI Use in Education

Damien Fisher

Following people’s growing interest in using Generative AI, the United Nations Educational, Scientific and Cultural Organization (UNESCO) has stepped out with the need to regulate the mind-blowing technology. UNESCO calls...

AI
News

The Era of Bots: Education’s Reluctant Acceptance of AI-Powered Generation

Damien Fisher
EU Names Tech Gatekeepers, Sets Stage for Fair Competition
News

EU Names Tech Gatekeepers, Sets Stage for Fair Competition

Krishi Chowdhary
crypto
Crypto News

Top crypto gainers on September 7 – ASTR, RUNE, And TON

Nick Dunn
Crypto News

Ripple Price Forecast As XRP’s Volume Hit 7 Months High

Nick Dunn

REGULATION & HIGH RISK INVESTMENT WARNING: Trading Forex, CFDs and Cryptocurrencies is highly speculative, carries a level of risk and may not be suitable for all investors. You may lose some or all of your invested capital, therefore you should not speculate with capital that you cannot afford to lose. The content on this site should not be considered investment advice. Investing is speculative. When investing your capital is at risk. Please note that we do receive advertising fees for directing users to open an account with the brokers/advertisers and/or for driving traffic to the advertiser website

© Copyright 2023 Techreport. All Rights Reserved.