Apple's iOS 14.8 Update Fixes Zero-Click Exploit Used to Distribute Pegasus Spyware

by

Today's iOS 14.8 update addresses a critical vulnerability that Apple engineers have been working around the clock to fix, reports The New York Times.

nso israeli surveillance firm
Last week, The Citizen Lab informed Apple about a new zero-click iMessage exploit targeting Apple's image rendering library. Called FORCEDENTRY, the exploit could infect an iPhone, iPad, Apple Watch, or Mac with the Pegasus spyware, providing access to the camera and microphone in addition to allowing access to text messages, phone calls, and emails.

FORCEDENTRY was distributed by Israel's NSO Group to governments and various other entities, and The Citizen Lab discovered it after analyzing the ‌iPhone‌ of a Saudi activist. Details were sent to Apple on September 7, and Apple took a week to fix the bug. According to The Citizen Lab, FORCEDENTRY has been in use since at least February 2021.

"This spyware can do everything an ‌iPhone‌ user can do on their device and more," said Citizen Lab senior researcher John-Scott Railton.

Apple lists the fix as CVE-2021-30860, and described it as a maliciously crafted PDF that could lead to arbitrary code execution.

Back in July, a slew of media reports highlighted zero-click iMessage exploits called Pegasus, which were distributed by Israeli surveillance firm NSO Group and were used to target journalists, lawyers, and human rights activists around the world. A database of more than 50,000 people who had been targeted by NSO's clients was made public at the time.

The Pegasus spyware is notable because it skirts BlastDoor, specific iMessage protections that Apple put into place in with the launch of iOS 14. BlastDoor is a sandbox security system for Messages that's designed to prevent exploits like Pegasus, but it's still a work in progress.

Apple told The New York Times that it plans to add spyware barriers to the iOS 15 software update to prevent similar attacks in the future.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Apple Security, Security

Top Rated Comments

iStorm Avatar
iStorm
34 months ago

Just turn this off!


And for even more security...



Attachment Image
Score: 41 Votes (Like | Disagree)
Mantahoe Avatar
Mantahoe
34 months ago

Just turn this off!


This is dumb. Regular sms is worse security-wise.
Score: 32 Votes (Like | Disagree)
Villarrealadrian Avatar
Villarrealadrian
34 months ago
Well this is great News!
Score: 16 Votes (Like | Disagree)
Benjamin Nabulsi Avatar
Benjamin Nabulsi
34 months ago
Why Apple, Google, and Microsoft don't sue such companies and run their resources to the ground?
Score: 16 Votes (Like | Disagree)
adbe Avatar
adbe
34 months ago

Why did apple not start on this back in July?
Because they didn't know about this particular exploit back in July. The article makes that pretty clear.
Score: 16 Votes (Like | Disagree)
mw360 Avatar
mw360
34 months ago

Why did apple not start on this back in July?
There are a series of clues in all those words underneath the picture.
Score: 15 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 18 Siri Integrated Feature

iOS 18 Will Add These New Features to Your iPhone

Friday April 12, 2024 11:11 am PDT by
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...
Read Full Article
iOS NES Emulator Bimmy Feature

NES Emulator for iPhone and iPad Now Available on App Store [Removed]

Tuesday April 16, 2024 11:33 am PDT by
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
Read Full Article223 comments
iGBA Feature

Apple Removes Game Boy Emulator iGBA From App Store Due to Spam and Copyright Violations

Sunday April 14, 2024 9:22 pm PDT by
Apple today said it removed Game Boy emulator iGBA from the App Store for violating the company's App Review Guidelines related to spam (section 4.3) and copyright (section 5.2), but it did not provide any specific details. iGBA was a copycat version of developer Riley Testut's open-source GBA4iOS app. The emulator rose to the top of the App Store charts following its release this weekend,...
Read Full Article135 comments
Delta Feature

Delta Game Emulator Now Available From App Store on iPhone

Wednesday April 17, 2024 9:58 am PDT by
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
Read Full Article133 comments
iGBA Feature

Game Boy Emulator for iPhone Now Available in App Store Following Rule Change [Removed]

Sunday April 14, 2024 8:06 am PDT by
A week after Apple updated its App Review Guidelines to permit retro game console emulators, a Game Boy emulator for the iPhone called iGBA has appeared in the App Store worldwide. The emulator is already one of the top free apps on the App Store charts. It was not entirely clear if Apple would allow emulators to work with all and any games, but iGBA is able to load any Game Boy ROMs that...
Read Full Article106 comments
iPhone 15 Pro Action Button Translate

All iPhone 16 Models to Feature Action Button, But Usefulness Debated

Tuesday April 16, 2024 6:54 am PDT by
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
Read Full Article101 comments