Security News > 2021 > September > Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Apple Issues Emergency Fix for NSO Zero-Click Zero Day
2021-09-13 22:10

Apple users should immediately update all their devices - iPhones, iPads, Macs and Apple Watches - to install an emergency patch for a zero-click zero-day exploited by NSO Group to install spyware.

The security updates, pushed out by Apple on Monday, include iOS 14.8 for iPhones and iPads, as well as new updates for Apple Watch and macOS. The patches will fix at least one vulnerability that the tech behemoth said "May have been actively exploited."

Apple had just introduced BlastDoor, a structural improvement in iOS 14 meant to block message-based, zero-click exploits like these NSO Group-associated attacks - the month before.

On Monday, Sept. 13, Apple confirmed that the files included a zero-day exploit against iOS and MacOS. Apple has designated the ForcedEntry exploit CVE-2021-30860: an as-yet-unrated flaw that Apple describes as "Processing a maliciously crafted PDF may lead to arbitrary code execution."

Citizen Lab described several distinct elements that gives researchers high confidence that the exploit can be tied to the secretive Israeli spyware maker NSO Group, including a forensic artifact called CascadeFail.

Zero click remote exploits such as the novel method used by Pegasus spyware to invisibly infect an Apple device without the victim's knowledge or the need for the victim to click on anything at all were used to infect one victim for as long as six months.


News URL

https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-30860 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow was addressed with improved input validation.
local
low complexity
apple xpdfreader freedesktop CWE-190
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349