security

Apple releases important security update for old iPhone, iPod, iPad … – BGR


After releasing a major security update last week for iPhone, iPad, and Mac models, Apple is ensuring the same treatment to old devices as it has released iOS 15.7.9, iPadOS 15.7.9, macOS 11.7.10, and macOS 12.6.9 to all users.

These are the devices that can be updated with these software releases:

  • iPhone 6s
  • iPhone 6s Plus
  • iPhone SE (1st generation)
  • iPod touch (7th generation)
  • 2015 MacBook
  • 2013 MacBook Air or later
  • 2013 MacBook Pro or later
  • 2014 Mac mini or later
  • 2014 iMac or later
  • 2013 Mac Pro

That said, if you are using any of these devices, you should update your iPhone,iPod, iPad, or Mac right away, as these new versions avoid a major security exploit that could allow bad actors to spy on you through your devices.

As reported by BGR, this exploit was discovered by Citizen Lab while checking an employee’s device in a Washington, DC-based civil society organization. The exploit, they say, was used to infect the device with NSO’s Pegasus spyware. The exploit doesn’t require the user to click on anything, as it infects the device through any iMessage the bad actor sends to the targeted device.

iPhone-6s
Apple’s iPhone 6s in a variety of colors. Image source: Apple

While these types of attacks are typically only used against high-threat models – people in the public eye – security expert Rachel Tobac warns that every user with an Apple device should update their devices to avoid any possible infection and breach of their privacy. Citizen Lab also recommends updating to the new iOS version immediately.

Readers Also Like:  GitHub Copilot for Business, now in public release, weaves in security - Cybersecurity Dive

The exploit is currently logged as two separate CVEs, CVE-2023-41064 and CVE-2023-41061. If you’re someone in a role with an increased risk of being exposed to such exploits, Citizen Lab recommends using Apple’s Lockdown Mode to avoid the exploit, as it should block the attack, according to Citizen Lab’s report.

This kind of zero-click exploit is exceptionally tricky, as it doesn’t require any input from the user to infect the device. As such, simply receiving an iMessage that is infected with the exploit could allow bad actors to gain access to your device and spy through it. Because of the severity of this exploit, it is recommended that you update to iOS 16.6.1 immediately, even if you do not believe you are at risk.

That said, check all of your Apple devices, as a security update might be waiting for you. Below, Apple is expected to announce the iPhone 15, so check BGR for the latest news.





READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.