Get all your news in one place.
100’s of premium titles.
One app.
Start reading

Apple releases emergency security update to block spyware vulnerability

Apple released emergency security updates Monday after it was discovered that an Israeli cyber surveillance company's spyware could infect iPhones and other devices without the owner even clicking on a link.

Why it matters: The fix to the intrusion by the NSO Group's Pegasus software came the day before Apple is expected to introduce its latest crop of iPhones. The company touts the security and privacy of its smartphones among its key selling points.


The big picture: The security flaw was discovered by researchers at watchdog group Citizen Lab, which found that the phone of a Saudi political activist had been infected with the Pegasus spyware via iMessage.

  • The device had been hacked using a "zero-click" method that had allowed the spyware to live on the Saudi's phone since February without detection, according to the Washington Post.
  • The same security flaw would enable the software to infect other Apple iPhones, watches and MacBooks, per the Post.

An Apple spokesperson told the New York Times that it is planning to add new spyware barriers to its next software update, due out later this year.

  • Apple's security team has been "working around the clock to develop a fix," the Times writes.

What they're saying: "After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users," said Ivan Krstić, head of Apple Security Engineering and Architecture, in a statement.

  • "Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.
  • "While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data."

Be smart: "Users of mobile and computing platforms need to make checking for security updates a part of their weekly, if not daily routine," wrote Steve Turner, an analyst at the tech consulting firm Forrester, in a note emailed to Axios.

State of play: The NSO Group's Pegasus software made news earlier this summer after an international consortium of investigative journalists revealed it had become a valuable tool for governments to spy on journalists and critics.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.