Apple fixes zero-day flaw that affects all its devices, urges users to apply updates

Apple has released a patch for a vulnerability that affects all versions of its iOS, OSX and watchOS operating systems and is urging users to apply the update

Internet security watchdog group Citizen Lab said it affects “all iPhones with iOS versions prior to 14.8; all Mac computers with operating system versions prior to OSX Big Sur 11.6, Security Update 2021-005 Catalina; and all Apple Watches prior to watchOS 7.6.2.”

The vulnerability believed to be exploited by the Israeli surveillance firm, NSO Group, beats security systems put in place by Apple in recent years.

According to Apple, it has fixed the vulnerability in its latest software update.

The vulnerability originates from a flaw in how iMessage automatically renders images.

Repeated attempts from the NSO group as well as other cyber arms dealers targeting iMessage prompted Apple to update its architecture, however, the upgrade has not yet fully secured the system.

Apple described the flaw as “processing a maliciously crafted PDF may lead to arbitrary code execution.”

There was no immediate comment from the US Cybersecurity and Infrastructure Security Agency.

2 + 5 =