"All iPhones with iOS versions prior to 14.8, All Mac computers with operating system versions prior to OSX Big Sur 11.6, Security Update 2021-005 Catalina, and all Apple Watches prior to watchOS 7.6.2." If you want specifics on what exactly is affected, Apple has said the following:
Apple is aware of a report that this issue may have been actively exploited.ĭescription: An integer overflow was addressed with improved input validation.
#Apple security update iphones macs iwatches pdf#
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Put simply, if you run any of these devices, you must update immediately to iOS 14.8. The exploit has apparently been in use since at least February 2021, and reportedly works on Apple iOS, MacOS, and WatchOS devices. Known as “FORCEDENTRY”, it was discovered by CitizenLab after a forensic examination of a phone belonging to a Saudi activist. This most recent exploit is a “zero-day, zero-click” flaw in Apple’s iMessage app that requires no user interaction at all.
The exploits change over time, as they are discovered and patched by Apple. Pegasus spyware is typically installed on victims' phones using a software exploit that requires little or no user interaction-perhaps no more than a click. The update fixes a vulnerability silently exploited by software called Pegasus, which is often used in high-level surveillance campaigns by governments. Spyware developed by the company NSO Group is back in the news today after Apple released an emergency fix for iPhones, iPads, Macs, and Apple Watches.
0 kommentar(er)
