Security Awareness

Apple Releases Security Updates to Stop Spyware

iOS 14.8Just a day before Apple’s September event, Apple has released the iOS 14.8, iPadOS 14.8, macOS 11.6, and WatchOS 7.6.2 security updates. While the updates list what might be just basic improvements to CoreGraphics and WebKit, it actually stops the devices from “Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” according to the security note. This code execution is what allows spyware to run on your devices.

The spyware, named Pegasus, from Israel’s NSO Group is able to infect Apple devices without victims’ knowledge. In a recent interview with the New York Times, Apple’s head of security engineering and architecture Ivan Krstić urged customers to run the latest software updates for the fixes to take effect, by installing iOS 14.8, MacOS 11.6, and WatchOS 7.6.2.

Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered an iPhone had been infected with the advanced form of spyware from NSO. One of the senior researchers, John Scott-Railton, also urged Apple customers to run their software updates immediately, “Do you own an Apple product? Update it today.”

You can find out more in Apple Issues Emergency Security Updates to Close a Spyware Flaw at the New York Times.

Print Friendly, PDF & Email

Published by

Ian Aberle

Ian Aberle is an Adobe Creative Educator and the Senior IT Communications Specialist & Trainer for the Office of Information Technology (OIT). For over 25 years, he has helped the SMU community use technology and implement digital and web media through multiple roles with the Digital Commons, SMU STAR Program, and now OIT. Ian enjoys photography and road trips with his family in his free time.