What to do now that Apple has released an emergency fix for iPhones, Macs, and Apple Watches

What to do now that Apple has released an emergency fix for iPhones, Macs, and Apple Watches

You’ll want to update your iDevices to iOS and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2 and Safari 14.1.2. MacOS 10.15 Catalina gets a security update without a new version number, while the Safari update is for Catalina and its predecessor, macOS 10.14 Mojave.

Apple today (Sept. 13) released updates for iOS, iPadOS, macOS, watchOS and Safari to fix two zero-day flaws that are actively being exploited by hackers. At least one of the flaws has been used by commercial spyware to break into the phones of political activists in Persian Gulf countries.

WhatsApp to offer ‘end-to-end’ encrypted backups — what you need to know
The best Mac antivirus software
Plus: iPhone 13 — here’s how Apple can convince people to upgrade
We know some details about one of the two flaws, catalogued as CVE-2021-30860, which affects the Apple CoreGraphics component on iOS, iPadOS, watchOS, Big Sur and Catalina, but not Safari on its own.

Apple’s security advisories state that because of this vulnerability, “processing a maliciously crafted PDF may lead to arbitrary code execution.” In other words, if you view a booby-trapped PDF, your system can be hacked over the internet.

This flaw was discovered last month by Citizen Lab researchers at the University of Toronto who had examined the iPhones of nine Bahraini dissidents. The researchers called the exploit of the vulnerability “FORCEDENTRY” and said it was used by the Pegasus spyware, commercial spyware developed and distributed by Israel-based NSO Group.

Today, Citizen Lab disclosed that the same exploit was used on an iPhone belonging to a Saudi political activist. The exploit permits takeover of an iPhone if the user opened a message in iMessage.

The other vulnerability, catalogued as CVE-2021-30858, is more mysterious. It is a flaw in WebKit, the Safari rendering engine, and its discovery is credited to “an anonymous researcher.”

Apple states that “processing maliciously crafted web content may lead to arbitrary code execution” — again, nasty web stuff can hack your device.

This flaw affects iOS, iPadOS, Big Sur and Safari, but not watchOS or Catalina. As with the other flaw, Apple says that it is “aware of a report that this issue may have been actively exploited.” Soon after Apple released the patches, Reuters posted a story about the intelligence services of the United Arab Emirates hacking the iPhones of domestic political activists and foreign diplomats and politicians. It’s not yet clear whether either zero-day flaw patched today is involved.

The News Highlights

  • What to do now that Apple has released an emergency fix for iPhones, Macs, and Apple Watches
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
New Florida Surgeon General at COVID: ‘We End with Fear’
New Florida Surgeon General at COVID: ‘We End with Fear’
He said approaching health policy with fear leads to bad decisions. “We’re going to be very explicit about the differences between the science and our ...
Apply for Atlanta Emergency Rental Assistance Money While You Can
NTSB analyzing fractured pipeline in Coolidge explosion
A 46-foot section of the pipeline was ejected during the explosion, according to investigators. But right before the explosion, the NTSB said the gas ...
iOS 15 is adding verifiable Covid-19 vaccination records in it’s wallet
iOS 15 is adding verifiable Covid-19 vaccination records in it’s wallet
That’s a timely feature for a global pandemic — and soon, Apple plans to take it a step further by letting you add those vaccination cards to your Apple ...
Financial Severity Responds to Attacks on Legitimate Tax Planning
China and US reveal big separate steps to fight climate change
This could provide some momentum going into major climate talks in Glasgow, Scotland, in less than six weeks, experts said. Running up to the historic 2015 ...
During Biden’s remarks, Kurtz checked his phone
During Biden’s remarks, Kurtz checked his phone
Federal Chancellor Sebastian Kurz (ÖVP) appears to have been under special scrutiny Tuesday at the United Nations general debate in New York during US ...
Facebook Oversight Board Observeing ‘XCheck’ System for VIPs
Facebook Oversight Board Observeing ‘XCheck’ System for VIPs
The Journal’s report found that many VIP users abuse the system, “posting material including harassment and incitement to violence that would typically lead ...
Shenendehowa CSD issues a phone fraud alert to local businesses
Shenendehowa CSD issues a phone fraud alert to local businesses
Avoiding the ‘grandparent’ scam Any official fundraising activities from Shenendehowa Athletics are initiated by coaches or officers in Booster Clubs. The ...
Immokalee business owner sustains culture alive with Lozano’s Mexican Restaurant
Immokalee business owner sustains culture alive with Lozano’s Mexican Restaurant
“We rise up at 4:30 within the morning,” stated Gonzalez. “We begin making ready our rice, beans, corn tortillas. We begin cooking.” Lozano’s Mexican ...
Are Apple Inc. Stocks Worth Buying?
Are Apple Inc. Stocks Worth Buying?
Is Apple Inc. (NASDAQ:AAPL) a good stock to buy? Prominent investors were turning bullish. The number of bullish hedge fund bets advanced by 11 lately. Apple ...
Idaho’s prospects for COVID are dire as cases continue to rise
Idaho’s prospects for COVID are dire as cases continue to rise
“The numbers continue to increase, and we expect them to continue to increase,” Jeppesen said. The entire state entered “crisis standards of care” last ...
Show next
Compsmag - Latest News from tech, business and health
Logo