Apple Issues Emergency Fix for NSO Zero-Click Zero Day
Apple users should immediately update all their devices - iPhones, iPads, Macs and Apple Watches - to install an emergency patch for a zero-click zero-day exploited by NSO Group to install spyware.
The security updates, pushed out by Apple on Monday, include iOS 14.8 for iPhones and iPads, as well as new updates for Apple Watch and macOS. The patches will fix at least one vulnerability that the tech behemoth said "may have been actively exploited."
Apple had just introduced BlastDoor, a structural improvement in iOS 14 meant to block message-based, zero-click exploits like these NSO Group-associated attacks, the month before.
On Monday, Sept. 13, Apple confirmed that the files included a zero-day exploit against iOS and macOS. Apple has designated the ForcedEntry exploit CVE-2021-30860: an as-yet-unrated flaw that Apple describes as "Processing a maliciously crafted PDF may lead to arbitrary code execution."
Citizen Lab described several distinct elements that give researchers high confidence that the exploit can be tied to the secretive Israeli spyware maker NSO Group, including a forensic artifact called CascadeFail.
Zero-click remote exploits, such as the novel method used by Pegasus spyware to invisibly infect an Apple device without the victim's knowledge or the need for the victim to click on anything at all, were used to infect one victim for as long as six months.
News URL
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Related news
- NSO Group used another WhatsApp zero-day after being sued, court docs say (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-24 | CVE-2021-30860 | Integer Overflow or Wraparound vulnerability in multiple products. An integer overflow was addressed with improved input validation. | 7.8 |