• Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
What's Hot

Apple’s Rapid iOS 17 Patch Trend Continues with iOS 17.0.2

September 27, 2023

Ultenic U12 Vesla review

September 27, 2023

Asustor Nimbustor 2 Gen2 AS5402T review

September 27, 2023
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
Behind The ScreenBehind The Screen
Home»Mobile Tech»Apple Releases iOS 16.6.1 in Response to New Pegasus Spyware Attack
Mobile Tech

Apple Releases iOS 16.6.1 in Response to New Pegasus Spyware Attack

September 8, 2023Updated:September 8, 2023No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
iPhone Spyware
Share
Facebook Twitter LinkedIn Pinterest Email

In what is going to hopefully change into one final iOS 16 replace earlier than iOS 17 is launched this month, Apple has simply launched iOS 16.6.1, an import sub-point launch that fixes a pair of extreme safety flaws in iOS 16.6.

Though late-cycle iOS level releases are often fairly uninspiring, they’re essential to patch vulnerabilities found by safety researchers. Irrespective of how a lot Apple tries to harden its software program towards exploits, it’s unimaginable to catch every little thing in one thing as complicated as iOS. The result’s a cat-and-mouse recreation as safety specialists — hopefully moral, “white hat” hackers — uncover these flaws and report them to Apple to allow them to be patched.

That is exactly why iOS 16.6 was a significant replace; regardless that it carried no user-facing options to encourage of us to replace, it plugged quite a few safety holes, a few of which had already been exploited by malicious hackers to probably compromise customers’ iPhones.

Fortunately, out of 16 safety vulnerabilities mounted in iOS 16.6?, Apple was solely conscious of two flaws being “actively exploited.” To be clear, that doesn’t imply the opposite 14 hadn’t been; merely that Apple and different safety researchers had no proof of this. Nonetheless, as soon as iOS 16.6 was launched together with the record of safety fixes, the cat was out of the bag, giving unhealthy actors a map of learn how to assault gadgets that hadn’t been up to date to iOS 16.6.

The identical is true with two new safety points mounted in iOS 16.6.1 — each of which can have already been actively exploited by mercenary adware.

See also  Apple May Be Saving Its Best Camera Features for the iPhone 15 Pro Max

What’s Mounted in iOS 16.6.1

Particularly, iOS 16.6.1 fixes two vulnerabilities uncovered by Citizen Lab researchers at The College of Toronto?s Munk College of World Affairs and Public Coverage.

The primary, discovered within the ImageIO framework, might enable a maliciously crafted picture posted on a web site or obtained by electronic mail or textual content message to execute arbitrary code in your gadget.

A second flaw present in Apple’s Pockets app might do the identical when receiving a maliciously crafted PassKit attachment, akin to a ticket or loyalty card. Whereas Apple credit itself for locating this one, it additionally acknowledges Citizen Lab for its help.

The 2 flaws are associated to a brand new assault vector found in use by NSO Group’s Pegasus adware. Citizen Lab revealed a information launch at present outlining a brand new BLASTPASS exploit chain present in iOS 16.6 as a “zero-click, zero-day exploit” that’s “able to compromising iPhones operating the newest model of iOS (16.6) with none interplay from the sufferer.”

We confer with the exploit chain as BLASTPASS. The exploit chain was able to compromising iPhones operating the newest model of iOS (16.6) with none interplay from the sufferer. The exploit concerned PassKit attachments containing malicious photographs despatched from an attacker iMessage account to the sufferer.

Citizen Lab

The group at Citizen Lab is utilizing everybody to right away replace their gadgets to iOS 16.6.1 to defend towards this new assault. Additionally they commend Apple for its “speedy investigative response and patch cycle” and “acknowledge the sufferer [of the attack] and their group for his or her collaboration and help” in bringing it to Citizen Lab’s consideration in order that it might be reported to Apple and patched.

Apple’s replace will safe gadgets belonging to common customers, corporations, and governments across the globe. The BLASTPASS discovery highlights the unbelievable worth to our collective cybersecurity of supporting civil society organizations.

Citizen Lab

Citizen Lab additionally encourages those that could face an elevated danger of being focused by Pegasus “due to who they’re or what they do” to allow Apple’s Lockdown Mode.

See also  Google Maps explains moderation for reviews on platform



Source link

16.6.1 Apple Attack iOS Pegasus releases Response spyware
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Apple’s Rapid iOS 17 Patch Trend Continues with iOS 17.0.2

September 27, 2023

iOS 17 Has Broken One of the Best Apple Mail Features

September 27, 2023

Too Hot to Handle? iPhone 15 Owners Report Serious Overheating

September 27, 2023

Apple Reconsidering Lower-Cost Apple Vision Pro

September 27, 2023
Add A Comment

Leave A Reply Cancel Reply

Editors Picks

Bowery Farms, web3 startup Yat, and Stripe’s internal valuation – DailyTech

July 15, 2022

Storm clouds and silver linings in historic bank collapse – Startup

March 14, 2023

Researchers announce new AI-based technology that can create short videos based on single images

August 20, 2022

Grand strategy society simulator Victoria 3 will be released October 25

August 30, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Apple’s Rapid iOS 17 Patch Trend Continues with iOS 17.0.2

Ultenic U12 Vesla review

Asustor Nimbustor 2 Gen2 AS5402T review

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2023 behindthescreen.fr - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.