THE apple (AAPL34) released on Monday (13) an update to the iOS operating system to fix an iMessage vulnerability. According to the Citizen Lab, the interdisciplinary research laboratory at the University of Toronto, Israeli cybersecurity firm NSO Group had been exploiting the flaw in the iPhone creator’s software since at least February.
O Citizen Lab discovered the vulnerability by analyzing the iPhone of a Saudi activist who had been infected with spyware from the NSO Group. The attack modality is called zero-day, because the company — in this case Apple — has just discovered the problem and has “zero days” to fix it.
“We determined that mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with Pegasus spyware,” explained the Canadian laboratory.
The attack targeted Apple’s image rendering library and was effective against Apple iOS, MacOS and WatchOS devices.
“After identifying the vulnerability used by this attack to iMessage, Apple quickly developed and deployed a patch on iOS 14.8 to protect our users,” said Ivan Krstić, Apple’s head of security engineering and architecture, in a statement, as reported by the US press.
“We would like to congratulate Citizen Lab on successfully completing the hard work of getting a sample of this exploit so we could quickly develop this fix,” he added.
According to the The New York Times, the company plans to introduce new security barriers against spyware in the next iOS 15 software update, scheduled for later this year.
Apple Quote (AAPL34) on Tuesday
The action of apple listed on the US Nasdaq stock exchange ended today’s trading session down 0.96%, at US$ 148.12. The BDR (Brazilian Depositary Receipt) of the apple company, quoted in Brazil, ended this Tuesday at a high of 0.22%, at R$ 78.09.