Apple on Monday released security updates for its iPhone, iPad, Apple Watch and Mac computers to close a vulnerability that reportedly allowed devices to be exploited by Pegasus spyware.
Apple’s security note for iOS 14.8 and iPadOS 14.8 says: “Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.” Apple also released WatchOS 7.6.2, MacOS Big Sur 11.6 as well as a security update for MacOS Catalina to address the vulnerability.
In July, security researchers revealed evidence of Pegasus spyware being used on the phones of journalists, politicians and activists. The spyware, made by an Israel-based NSO group, is reportedly capable of accessing and recording texts, videos, photos and web activity as well as passively recording and scraping passwords on a device.
More to come.