Manzana has released a critical security update for iOS 16 destined to iPhones and iPads to fix a particularly malicious bug that could allow a hacker to take control of your device without requiring any action on your part. Zero-click, zero-day exploit allows attackers to install spyware Pegasus from NSO Group, which would allow them to read a target’s text messages, listen to calls, steal and transmit images, track their location, and more.
The exploit (known as “Blastpass”) was initially discovered by Citizen Lab, who immediately disclosed it to Manzana. It is reported that it was used to install Pegasus in it iPhone from an employee of an organization based in Washington DC. He is capable of compromising devices running the latest version of iOS 16.6 “without any interaction from the victim,” the group wrote.
Manzana He has launched iOS 16.6.1 to counter this vulnerability, simply stating that “a maliciously crafted attachment may result in the execution of arbitrary code.” Furthermore, Citizen Lab even recommended “all users at risk to consider enabling Blocking Mode as we believe it blocks the attack.” The attack is believed to have involved PassKit (a development kit that allows developers to incorporate Apple Pay in your apps), hence the name Blastpass, along with malicious images sent by iMessage. For obvious reasons, Citizen Lab did not reveal any other details.
Lock Mode is a recent feature of iOS designed to severely restrict device functions Manzana and is aimed at a “very small number of users who face serious threats to their digital security,” as stated Manzana. The company has faced several threats lately, including a vulnerability from February 2023 that “could have been actively exploited,” according to Manzana mentioned at that time.
The exploit also puts Pegasus in the news, after a ban by the Biden administration earlier this year. Developed by Israel-based cyber company NSO Group, it caused a scandal after being used by multiple nations to spy on journalists, activists and others. In one notorious case, Saudi Arabia was reported to have used it to spy on journalist Jamal Kashoggi, who was later assassinated in Turkey. The next fall event Manzanacalled “Wonderlust,” is about to arrive.
It is expected that four new iPhones and a couple of models Apple Watch be the protagonists when the company presents its latest products. The port is expected USB-C be in the center of attention, since Manzana changes its loading ports in response to new EU regulations. Though nothing is confirmed until Tim Cook takes the stage on Tuesday, we’ve rounded up the most likely leaks and rumors ahead of the event. Manzana he September 12.
Via: Engadget
Editor’s note: What are you doing here? Run to update your phone, if it doesn’t appear, go to Settings-General-Software Update.