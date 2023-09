By

Bungwe la US Cybersecurity and Infrastructure Security Agency (CISA) lapereka chenjezo ku mabungwe aboma, kuwalimbikitsa kuti asinthe zida zawo za iOS, iPadOS, ndi macOS mkati mwa mwezi umodzi. Izi ndichifukwa cha kupezeka kwa zovuta ziwiri zamasiku a zero muzinthu za Apple zomwe zitha kugwiritsidwa ntchito ndi ma spyware.

Chiwopsezo choyamba, chodziwika kuti CVE-2023-41064, ndikusatetezeka kwa buffer mu ImageIO. Zimachitika mukakonza chithunzi chopangidwa mwapadera ndipo zitha kupangitsa kuti ma code aperekedwe. Chiwopsezo chachiwiri, CVE-2023-41061, ndi vuto lovomerezeka mu Apple Wallet. Kuphatikizika kopangidwa moyipa kumatha kupangitsa kuti code isungidwe.

Citizen Lab, bungwe lopanda phindu, posachedwapa lapeza zofooka izi ngati gawo la mndandanda wazinthu zotchedwa "BlastPass." Unyolo uwu udagwiritsidwa ntchito popereka mapulogalamu aukazitape a Pegasus kwa wogwira ntchito m'bungwe lokhala ndi anthu ku Washington. Citizen Lab idawulula kuti chiwonongekochi chidagwiritsa ntchito zomata za PassKit zomwe zili ndi zithunzi zoyipa zomwe zidatumizidwa kudzera pa iMessage.

Ngakhale sizikudziwika kuti ndani adavomereza zigawengazi, pali nkhawa kuti zitha kugwiritsidwanso ntchito kulimbana ndi akuluakulu aboma la US ngati zitachitika ndi dziko laudani. M'mbuyomu, ziwopsezo zofananira zaukazitape zidanenedwapo, pomwe akuluakulu asanu ndi anayi aku US State Department adabedwa ma iPhones awo kutali mu 2021.

Apple yasankha kuchitapo kanthu motsutsana ndi kampani ya Israeli ya NSO Group, yomwe imakhulupirira kuti ndiyomwe imayambitsa ndi kugulitsa mapulogalamu aukazitape a Pegasus. NSO Group imati zogulitsa zake zidapangidwa kuti zikhazikitse malamulo komanso kusonkhanitsa anthu anzeru.

Pofuna kuchepetsa chiwopsezo cha ntchito zaukazitape, mabungwe aboma ali ndi mpaka pa Okutobala 2 kuti athetse zovuta zomwe zapezeka kudzera pazosintha zamalonda. Kulephera kutero kungachititse kuti asiye kugwiritsa ntchito zinthu za Apple zimenezi.

