A major security vulnerability affecting iPhones and iPads has prompted Apple to release a crucial software update. Researchers at the University of Toronto’s Citizen Lab discovered the exploit, which allowed hackers to gain unauthorized access to users’ devices. The researchers warned that the vulnerability was actively being exploited and advised all users to update their software immediately.

The attack involved the use of commercial software called Pegasus, developed by the Israeli company NSO Group. Pegasus is a targeted and expensive software primarily used on specific individuals such as activists, journalists, and politicians. Previous security fixes have been aimed at blocking the delivery of Pegasus and other similar programs.

The most recent attack, named BLASTPASS, targeted the iPhone of a staff member at a US civil society organization. What made this exploit particularly concerning was that it did not require any action from the user, such as clicking on a malicious link.

To safeguard against such attacks, Apple introduced a feature called “Lockdown Mode” in recent updates. This mode imposes additional restrictions on the device to mitigate potential security flaws. For example, it prevents the automatic download of images that may contain spyware.

Updating the iPhone software is a simple process done through the Settings app. Users can navigate to the “general” and then “software update” options to check for and download any available updates. It is essential to ensure the installation of the latest operating system, iOS 16.6.1, by accessing the “about” section in the general settings.

Similar updates are available for Macs and Apple Watches and can be installed in a similar manner. Citizen Lab also recommended activating Lockdown Mode for individuals who might face an increased risk due to their profession or activities.

By promptly updating their devices and implementing additional security measures, iPhone users can protect themselves from potential intrusive attacks facilitated by this security vulnerability.

Definisi:

– NSO Group: An Israeli technology company specializing in the development of surveillance software.

– Pegasus: Commercial software developed by NSO Group for targeted surveillance purposes.

– Lockdown Mode: A feature introduced by Apple to impose additional security restrictions on devices.

– BLASTPASS: The name given to the most recent exploit targeting iPhones.

Sumber:

– University of Toronto’s Citizen Lab research team

– Apple Inc.