- APPLE SECURITY UPDATE CLOSES SPYWARE FLAW UPDATE
- APPLE SECURITY UPDATE CLOSES SPYWARE FLAW PRO
- APPLE SECURITY UPDATE CLOSES SPYWARE FLAW SOFTWARE
"If Apple think it’s so serious that they need to go public then if you haven’t already installed iOS 15.6.1 you need to go and do it right now.NSO Group responded with a one-sentence statement saying it will continue providing tools for fighting “terror and crime.”
APPLE SECURITY UPDATE CLOSES SPYWARE FLAW UPDATE
"The big risk in publicising a major vulnerability is that now every cyber criminal on the planet knows it exists and Apple users are in a Zero Day race to update their devices before they can be infected," he said. The largest risk at publicising a major vulnerability in the way Apple has done is that it alerts organisations such as Pegasus of the existence of this flaw, said Brian Higgins, security specialist at Comparitech. Usually, Apple does not publicise security vulnerabilities and waits instead until the flaws have been solved. This can happen even without any user interaction."Ĭommercial spyware company Pegasus NSO Group has been blacklisted by the US Commerce Department after its spyware was found to have been used in Europe, the Middle East, Africa and Latin America to monitor journalists, dissidents and human rights activists in real-time. "There are several known examples of previous vulnerabilities being exploited to deliver spyware to devices, such as NSO Group's Pegasus. "This makes them as bad as it can get and users should update as soon as possible." "Apple have released few details about the vulnerabilities other than the fact that they can allow 'full admin access' and have been 'actively exploited in the wild'," said Tom Davison, senior director, engineering international at mobile security provider Lookout.
APPLE SECURITY UPDATE CLOSES SPYWARE FLAW SOFTWARE
"Many users keep the most sensitive personal details and information on their devices," he said "I suspect that Data Commissioners will raise serious questions of Apple."Īlthough Apple has often relied on software updates to protect its devices and fix patches, several experts have noted the fact that the company has chosen to go public with this information while giving no technical analysis of the vulnerabilities. Jonathan Compton, a partner at city law firm DMH Stallard, pointed out previous rumours regarding a security flaw in Apple devices and stressed that, should the flaw be considered serious enough, it might lead to public authorities getting involved, to ensure that users are protected. "Historically, many people have not updated their Apple products for fear of shortening the life span of their devices that behaviour now must change. "Pretty much everything we hold dear resides on our Apple products," he said. With billions of devices all around the world, an Apple vulnerability could have "wide-reaching implications", according to Andy Norton, chief cyber risk officer at Armis. "The time that we all thought only Microsoft machines had serious vulnerabilities is long gone," Wieringa added.Īs society becomes more and more technology-enhanced, devices hold increasing amounts of sensitive user data, due to the rising popularity of f acial recognition features, and banking and health-monitoring apps.
This is due to the fact that the flaw gives attackers "privileges to the highest level, the kernel, to execute code", added Jelle Wieringa, Security Awareness Advocate at KnowBe4.Īlthough Apple had long claimed that its devices are "the most secure in the world," the vulnerability has proved that even the best security designs are at risk.
APPLE SECURITY UPDATE CLOSES SPYWARE FLAW PRO
Security experts have recommended users update their devices, particularly the ones affected: iPhones6S and later models several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2 and Mac computers running MacOS Monterey.Īpple’s explanation of the vulnerability means a hacker could get “full admin access to the device” so that they can “execute any code as if they are you, the user”, said Rachel Tobac, CEO of SocialProof Security.
The software vulnerabilities have affected various models of the iPhone, iPad and Mac, with experts advising consumers to update their devices to secure them.Īpple has said it is “aware of a report that this issue may have been actively exploited”, and has published two security reports, but it did not give details regarding who discovered the flaw or how many users were affected by it.
0 kommentar(er)
