If you're one of those people who perpetually ignore software updates, don't ignore this one. After a cyber security research company recently revealed a massive security exploit, Apple has issued an emergency update for iOS and macOS operating systems. This zero-click exploit could infect your Apple device with spyware without you ever knowing.
According to this report by the University of Toronto's Citizen Lab, the ForcedEntry zero-click exploit can pretty much compromise all Apple devices such as phones, tablets, smartwatches, and computers.
Best CPU for gaming: the top chips from Intel and AMD
Best graphics card: your perfect pixel-pusher awaits
Best SSD for gaming: get into the game ahead of the rest
The report also linked the NSO Group with another zero-click attack back in 2019. NSO found a similar vulnerability in Whatsapp and infected the phones of over 1400 users connected to a Human Rights Facebook group with its spyware. Currently, there's no telling on how many users' phones may have been targeted and/or compromised. NSO Group has denied all allegations of wrongdoing.
Citizen Lab's concludes its report with a call to action for regulation against companies like NSO Group:
"Our latest discovery of yet another Apple zero day (term for a computer-software vulnerability is known to interested parties) employed as part of NSO Group’s arsenal further illustrates that companies like NSO Group are facilitating 'despotism-as-a-service' for unaccountable government security agencies. Regulation of this growing, highly profitable, and harmful marketplace is desperately needed."
The best way to protect yourself and your Apple products right now is by making sure all your Apple devices have the current software update issued on Monday, September 13. Apple is expecting to announce a slate of new devices today, so it will be interesting to see if the company addresses the emergency fix in the keynote.
