Apple Security Update to Counter Threat Giving Hackers Access Without User Clicking
Apple has issued security patches to address vulnerabilities on its devices that could have allowed hackers to infect targets with spyware, even without any user interaction. This is a significant security update for various Apple devices, including iPhone 8 and later, iPad Pro, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later. The patches are specifically for iOS 16.6.1 and iPadOS 16.6.1 versions of the operating system. Apple has stated that the security threat is related to the processing of “maliciously crafted” images on affected devices, which can lead to the execution of harmful code. The company also mentioned that there have been reports of active exploitation of this issue.
The security patches have been integrated into Apple’s regular updates for iOS, macOS, iPadOS, and watchOS. Users are advised to ensure that their Apple software is updated to protect against this threat. The good news is that users do not need to take any specific action to counter the vulnerability.
Related Stories
The zero-click vulnerability, which allows hackers to gain access to a device without any user interaction, was recently discovered by Citizen Lab, an academic research organization. They found that NSO Group’s Pegasus spyware was being delivered through this exploit. NSO Group is an Israeli technology company known for its spyware that can infiltrate mobile phones and collect personal data, including photos, communications, call logs, web searches, and passwords. The spyware can even control cameras and microphones without the user’s knowledge.
Citizen Lab named the exploit chain used for this attack as BLASTPASS. It was capable of compromising iPhones running the latest version of iOS without any interaction from the victim. Therefore, it is crucial for everyone to update their devices immediately to protect against this vulnerability.
When Citizen Lab discovered the vulnerability, they promptly informed Apple, which led to the release of the security patch. Apple expressed its gratitude to Citizen Lab for their assistance in the security update.
Lockdown Mode
Citizen Lab also recommends enabling Lockdown Mode for individuals who may face an increased risk of being targeted by sophisticated digital threats. Lockdown Mode is an optional feature designed to provide extreme protection by limiting the functionality of the device. It reduces the “attack surface” that hackers can exploit.
When Lockdown Mode is enabled, certain apps, websites, and features are strictly limited or unavailable. This includes blocking most message attachment types, certain complex web technologies, incoming FaceTime calls, and invitations for Apple services. Shared albums are also removed from the Photos app.
To enable Lockdown Mode on iPhones or iPads, users need to follow these steps:
- Open the Settings app
- Tap “Privacy & Security”
- Select the “Lockdown Mode” option under security
- Tap ”Turn On Lockdown Mode”
- Tap “Turn On & Restart”
- Enter the device passcode
When Lockdown Mode is active, users may receive notifications about limited app or feature functionality, and Safari will display a banner indicating that Lockdown Mode is on.
In a report by Citizen Lab analyzing attacks on Apple devices, Lockdown Mode successfully blocked one of the attacks. This demonstrates the effectiveness of Lockdown Mode in mitigating zero-click vulnerabilities.
However, it is important to note that Lockdown Mode is an optional feature, and users should carefully consider its implications. The details of its implementation are crucial.
" Conservative News Daily does not always share or support the views and opinions expressed here; they are just those of the writer."
*As an Amazon Associate I earn from qualifying purchases
Now loading...