Sometimes, device updates can wait a day or two.
However, occasionally, a software update arrives that is absolutely essential.
Today is one of those days, and if you’re running a business that relies on Macs, iPhones, and iPads, you’ll need to update them as soon as you realistically can.
Apple has launched new updates for macOS, iOS, and iPadOS, which address a serious security flaw buried deep within the operating system.
What’s does macOS 11.6 and iOS 14.8 fix?
The patches released by Apple today are best described as ‘zero-day’ fixes, which refers to the fact that the flaws have only been discovered very recently.
The bug was uncovered by researchers at the University of Toronto’s Citizen Lab, who have detailed their findings in a comprehensive report.
It relates to code within the iMessage app, which enables hackers to send invisible, malicious messages without the user’s knowledge. Worse still, the malware included within those messages can administer what’s known as a ‘zero-click’ installation, which means the device can become infected without any user input.
It really is frightening stuff, and you should need no other reason to update your devices immediately.
Have any devices been infected so far?
Potentially. Apple has noted that the spyware may have already exploited several devices, hence the immediate action taken to address the flaw with today’s security updates.
The main area of concern relates to the Pegasus spyware, which was identified earlier this year. Thought to have been developed by Israeli technology firm, NSO Group, Pegasus enables cybercriminals to remotely access and control the infected device.
Speaking to the New York Times, Citizen Lab researcher John Scott-Railton revealed that anyone who takes advantage of the exploit can do “everything an iPhone user can do on their phone and more”.
What can Pegasus do to my devices?
If your iPhone, Mac, or iPad is infected by Pegasus, the potential outcomes are pretty alarming.
For instance, it can steal passwords, data, and even activate your iPhone’s camera. What’s more, the data harvested can be automatically sent on to an external source, resulting in your most confidential, personal information potentially ending up in the wrong hands.
Pegasus can also spread incredibly quickly; it’s believed to be capable of infecting billions of devices in one hit.
However, while we’ve spoken a lot about Pegasus in this article, it’s important to note that it is just one example of spyware. The inherent bug in iMessage can technically open a backdoor for any piece of malicious software or cyber-criminal.
How will I know if my device has been infected?
It’s very difficult to tell by yourself – particularly on the iPhone which doesn’t feature any user-accessible virus protection software.
The story is slightly different on the Mac, but you will need assistance from someone who has cybersecurity skills and experience.
If you’re at all concerned, the first thing to do (sorry we sound like a broken record) is update all of your Apple devices immediately.
Remember that the Moof team is on hand should you require any further assistance or guidance. Get in touch if you’d like more information or some hands-on support.