If the automatic update of your Apple devices is not turned on, now is the time to do it. The company at the apple announced Monday that it had fixed the computer flaw exploited by the spyware Pegasus. Developed by Israeli company NSO, it was able to exploit a vulnerability in iMessage to infect devices without the user even clicking a tricky link or button. Morocco had been accused of having used it to spy on leaders, especially in Saudi Arabia.
The updates are for iPhone, Mac, iPad, and Apple Watch, with iOS 14.8, watchOS 7.6.2, iPad OS 14.8, and macOS 11.6. “Apple is aware of a report on the fact that this flaw could be exploited”, noted the Californian group in its note on the update published Monday. He did not immediately respond to a request from AFP.
Operated since February 2021
The flaw was spotted by Citizen Lab researchers, who discovered that a Saudi activist’s iPhone had been infected via iMessage, Apple’s messaging system. According to this cybersecurity organization at the University of Toronto, Pegasus has been using this vulnerability “since at least February 2021”.
“This exploit, which we called FORCEDENTRY, targets Apple’s image rendering library, and worked against Apple iOS, MacOS and WatchOS devices,” the operating systems of mobile phones, computers and smartwatches from the brand to Apple.
“The NSO group will continue to equip intelligence agencies and law enforcement agencies around the world with technologies that save lives and help fight crime and terrorism,” Israeli society reacted.
International espionage
Apple’s update, which has made the security of its phones and computers a major selling point, shows the growing difficulty for companies, including the Silicon Valley giants, to cope with growing computer threats. more sophisticated.
Citizen Lab had played a key role in bringing the mass spy scandal to light via Pegasus in July. According to information from a consortium of 17 media, in France, an issue of Emmanuel Macron, former Prime Minister Édouard Philippe and 14 members of the government appeared “in the list of issues selected by a security service of the ‘Moroccan State, user of Pegasus spyware, for potential piracy’.
In all, according to Amnesty and Forbidden Stories, the case concerns a list of 50,000 phone numbers around the world selected since 2016 by NSO customers.