The authoritative record of NPR’s programming is the audio record. This text may not be in its final form and may be updated or revised in the future. NPR transcripts are created on a rush deadline by an NPR contractor. Apple Issues Emergency Security Updates to Close a Spyware Flaw. Visit our website terms of use and permissions pages at for further information. Harwell says it may take a few minutes, but it will likely be a few minutes well-spent.Ĭopyright © 2021 NPR. It scares them even to this day, so.ĬHANG: So if you haven't already, you can download Apple's patch under settings, then go to general, then software update. I mean, it's gathered sensitive data about them. HARWELL: We did some reporting that found, you know, a list of tens of thousands of numbers that may have been, you know, potentially targeted by Pegasus spyware. HARWELL: The people we've seen that have been targeted by this spyware have been human rights activists, lawyers, dissidents, journalists.ĬHANG: While not everyone with an iPhone or Apple device has been hacked, Harwell says this spyware is still targeting people. Apple has made one last major update to its current operating systems addressing a serious security flaw that was being exploited by the spyware Pegasus. The urgent update that Apple ( AAPL) released Monday plugs a hole in the iMessage software that allowed hackers to infiltrate a user's phone without the user clicking on any links, according to. But as Harwell and a consortium of journalists have reported, researchers at the University of Toronto found out about these zero-click hacks because they targeted people who shouldn't have been under this kind of surveillance. KELLY: NSO Group was able to market its Pegasus software to governments and law enforcement groups to help combat terrorism and crime. HARWELL: If you're a $2 trillion company and you are advertising yourself as the choice for privacy for people around the world, you've got to wonder, should they be spending more toward keeping people's phones safe and secure? Like, Apple has been marketing that they are the privacy company for years.ĬHANG: Drew Harwell covers tech for The Washington Post, and he says Apple's update advisory was shocking given how much money the company invests in security. And needless to say, Apple consumers are worried.ĭREW HARWELL: It's a big blow. It's made by an Israeli-based company called NSO Group. This zero-click technology is employed by spyware called Pegasus. Apple issued the update to its iOS yesterday because devices were vulnerable to a military-grade spyware that could infiltrate devices even without users clicking on a link or downloading malicious software. "The window of exposure for consumers is between that time when a patch is available and when they actually apply that patch," she said, and noted that Apple doesn't always make updates automatic.And if you have an iPhone or iPad, you are likely among the 1 1/2 billion people who should download an emergency software update to your device. Moussouris said users should update their operating systems as quickly as possible. The site's security update page notes, "Keeping your software up to date is one of the most important things you can do to maintain your Apple product's security." SAN FRANCISCO Apple disclosed serious security vulnerabilities for iPhones, iPads and Macs that could potentially allow attackers to take complete control of these devices. For sure, you know this is a serious issue."Īpple said they've fixed the issue in their latest operating system update, and encouraged iOs and iPadOS users to upgrade their devices. In a blog post, Apple said it was issuing a security update for iPhones and iPads because a 'maliciously crafted' PDF file could lead to them being hacked. The iOS 14.8 update fixes a security vulnerability that would allow a malicious actor to. "Kernel vulnerabilities, just by their nature are going to be more serious." Moussouris said, " is part of the brain of the operating system. So while Apple routinely issues iOS security updates, the release of iOS 14.8 about a week ago is unique. This threat is known as a kernel vulnerability. "If you're vulnerable, it tries to exploit it." The consortium did not disclose how it had. "It is possible that a vector could be, almost like a sleeper cell of an app," she said. Apple Security Update Closes Spyware Flaw in iPhones, Macs and iWatches. In theory, Moussouris said, a malicious actor could exploit this with an app. A second security threat Apple outlined involves a "malicious application" that may be able to elevate user privileges.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |