Apple has issued a security patch that warrants immediate attention from iPhone and iPad users.
During the afternoon of a recent Thursday, Apple initiated the release of iOS 16.6.1. This update specifically targets a zero-day vulnerability that, according to research by the University of Toronto’s Citizen Lab, had been actively exploited by the NSO Group from Israel. Their aim was to compromise devices with the insidious Pegasus spyware. Apple’s official statement concerning this vulnerability on its iOS 16.6.1 support page states, “The processing of a deliberately manipulated image could potentially trigger the execution of arbitrary code.”
Citizen Lab made the initial discovery of a vulnerability, named Blastpass, just last week. They stumbled upon it while examining the device of an individual linked to a “civil society organization with international offices” situated in Washington, DC. The research group noted, “The exploit chain had the capability to compromise iPhones running the most recent iOS version (16.6) without requiring any interaction from the device owner.” This exploit hinged on PassKit, a code suite provided by Apple to developers seeking to integrate Apple Pay functionalities into their applications. Citizen Lab has stated its intention to provide further details about this exploit in the future. According to Apple, iOS 16’s Lockdown Mode has the ability to thwart Blastpass.
“Citizen Lab conveyed a strong recommendation to all individuals who might be at heightened risk due to their identities or occupations: they should activate Lockdown Mode. In addition, Citizen Lab expressed its appreciation for Apple’s swift investigative response and efficient patch deployment. They also extended gratitude to the victim and their affiliated organization for their valuable cooperation and support throughout the process.”
🚨🚨WE URGE EVERYONE TO UPDATE THEIR APPLE DEVICES AS SOON AS POSSIBLE.
We have found an actively exploited #zero #click vulnerability that was used to deliver #NSO group’s #Pegasus #spyware. https://t.co/BS0ZI4QuIz
— Citizen Lab (@citizenlab) September 7, 2023
This marks not the inaugural instance where Apple found itself compelled to issue an impromptu update to rectify a vulnerability unearthed by the NSO Group within the iOS system. In 2022, the tech juggernaut launched iOS 15.6.1, specifically to redress two distinct vulnerabilities. A year prior to that, Apple took the unprecedented step of pursuing legal action against the NSO Group, seeking to impede the proliferation of commercial spyware.
Apple has recently issued a security patch to safeguard your iOS devices from potential spyware threats. This patch addresses vulnerabilities that could be exploited by malicious actors to install spyware or compromise your device’s security.
To ensure the protection of your iOS device, it’s essential to stay up-to-date with the latest software updates and security patches provided by Apple. These updates often include fixes for known vulnerabilities and security enhancements that help protect your personal data and privacy.
Here are the steps to update your iOS device and apply the security patch:
- Connect to Wi-Fi: Ensure your device is connected to a Wi-Fi network to download the update, as updates can be quite large and may consume a significant amount of data if downloaded over cellular networks.
- Check for Updates:
- For iPhone or iPad, go to “Settings.”
- Scroll down and select “General.”
- Tap “Software Update.”
- Download and Install:
- If an update is available, you’ll see a notification indicating the update’s size and what’s included. Tap “Download and Install.”
- Follow the on-screen prompts to complete the installation. Your device will restart as part of the update process.
- Enter Your Passcode: Depending on your device’s security settings, you may need to enter your device passcode or Apple ID password during the update.
- Wait for Installation: Allow your device to complete the update installation, which may take several minutes.
- Verification: Once the update is installed, your device will restart, and the new security patch will be active.
It’s crucial to keep your iOS device and its apps up to date to ensure the best possible protection against security threats and vulnerabilities. Additionally, exercise caution when downloading and installing apps, only use trusted sources, and be wary of suspicious links or attachments to minimize the risk of spyware or other malware.
By regularly updating your device’s software and following good security practices, you can help ensure the security and privacy of your iOS devices.
According to Lifewire, the patch fixes a zero-day attack that allows hackers to infect iPhones without any interaction. The attack exploits a vulnerability in the iMessage app and is linked to the NSO Group, a commercial spyware vendor. Apple advises all users to update their devices to iOS 16.6.1 or iPad OS 16.6.1 as soon as possible.
A zero-day attack is an attack that exploits a software vulnerability that the vendor or developer is unaware of. The attacker releases malware before the developer or vendor has had the opportunity to create a patch to fix the vulnerability. The term “zero-day” refers to the number of days since the vulnerability was discovered by the attacker.
There are some tips to protect your device from zero-day attacks. Some of them are:
- Always update your systems and software as soon as possible, as they may include patches that fix software gaps.
- Delete unnecessary software that you seldom use, as they may contain vulnerabilities that can be exploited.
- Use a firewall, antivirus software, and a VPN to protect your device from malicious traffic and malware.
- Isolate applications and web browsers that may be vulnerable to zero-day exploits, using technologies such as Microsoft Defender Application Guard.
Unfortunately, zero-day attacks cannot be prevented completely, as they exploit unknown vulnerabilities that are not yet patched by the vendors or developers. However, you can mitigate their potential impact by following the tips I mentioned before, and also by:
- Monitoring your network and systems for any suspicious activity or anomalies.
- Implementing an incident response plan that can help you contain and recover from a zero-day attack.
- Educate yourself and your staff about the common signs and methods of zero-day attacks, such as phishing emails, malicious attachments, or fake websites.
One way to educate yourself about zero-day attacks is to read articles and blogs that explain the definitions, examples, and prevention tips of zero-day attacks. For example, you can check out these sources:
- What is a zero-day exploit? Definition and prevention tips.
- 5 Security Experts Share Best Practices to Prevent Zero-Day Attacks.
- Zero days explained: How unknown vulnerabilities become gateways for attackers.
Another way to educate yourself is to watch videos or webinars that demonstrate how zero-day attacks work and how to protect yourself from them. For example, you can watch these videos:
- How Zero-Day Attacks Work
- Zero-Day Attacks: What They Are and How to Prevent Them
The most common targets of zero-day attacks are:
- Government agencies and public institutions, as may have sensitive or classified information that can be used for espionage, sabotage, or blackmail.
- Large enterprises and senior employees, as may have access to valuable business data, intellectual property, or financial assets that can be stolen or compromised.
- Groups of individuals with vulnerable systems, such as outdated or unpatched operating systems, web browsers, or software applications can be easily exploited.
- Hardware devices and their firmware, such as routers, printers, cameras, or IoT devices can be hijacked or manipulated.
- Enemies of the state, such as political dissidents, activists, journalists, or human rights defenders can be tracked, harassed, or silenced.
Are you concerned about being a target of zero-day attacks? You can protect yourself by following the tips I mentioned before, such as updating your systems and software, deleting unnecessary software, using a firewall, antivirus software, and a VPN, isolating vulnerable applications and web browsers, monitoring your network and systems, implementing an incident response plan, and educating yourself about zero-day attacks.
You can also check out these sources for more information:
- How to Prevent Zero-Day Attacks – Check Point Software
- Zero-Day Attack Prevention: 4 Ways to Prepare – Cynet
Unfortunately, zero-day attacks cannot be prevented completely, as they exploit unknown vulnerabilities that are not yet patched by the vendors or developers. However, you can mitigate their potential impact by following the tips I mentioned before, and also by:
- Monitoring your network and systems for any suspicious activity or anomalies.
- Implementing an incident response plan that can help you contain and recover from a zero-day attack.
- Educate yourself and your staff about the common signs and methods of zero-day attacks, such as phishing emails, malicious attachments, or fake websites.
What is a Zero-Day Exploit?
A zero-day exploit is when hackers discover a software gap or flaw they can use to gain access to users’ information or computers. It is called a zero-day exploit because the developers or vendors have zero days to fix the issue before it is exploited. A zero-day attack is the use of a zero-day exploit to cause damage to or steal data from a system affected by a vulnerability.
For example, hackers can use a zero-day exploit to send phishing emails with malicious attachments that can infect the recipients’ computers with malware or create fake websites that can trick users into entering their personal or financial information.