Apple issued a patch to the FORCEDENTRY flaw as experts urge acting fast
The U.S. tech giant issued an update to a critical software vulnerability dubbed FORCEDENTRY. Experts advise you to patch fast and stay vigilant.
Internet security watchdog group Citizen Lab made the discovery public on Monday, with Apple reacting to the ordeal the same day with a security fix for various versions of the company's operating system.
However, users need to download and install the patch for it to take effect. According to Paul Ducklin, a principal research scientist at security company Sophos, Apple clients need to act fast.
"Patch early, patch often and be more cautious than usual about whom you accept PDF files from and the sites from which you download them," Ducklin is quoted in an email to CyberNews.
Patch early, patch often and be more cautious than usual about whom you accept PDF files from,Paul Ducklin.
He claims that the vulnerability in Apple's iPhone, iPad, and Mac operating systems relies on booby-trapped PDF files.
The vulnerability was caused by an integer overflow, the same class of flaw as the infamous Y2K bug. Integer overflow happens when an arithmetic calculation doesn't fit the numeric precision available.
According to Ducklin's blog entry, this confusion in the software leads to 'buffer overflow,' allowing hackers to overwrite memory. Once that's possible, possibilities to inflict damage are limited only by the capabilities of the hacker.
CISA (Cybersecurity and Infrastructure Security Agency) also issued a warning, urging Apple users to look for an update as malicious actors might have exploited the vulnerability.
The critical vulnerability (CVE-2021-30860) is dangerous because it requires no user interaction and affects all versions of Apple's iOS, OSX, and watchOS, except for those updated on August 13 or later.
Strikingly, Citizen Lab determined that the vulnerability was exploited by the NSO Group, an Israeli company most famous for Pegasus spyware. The tool allows access to troves of data on victims' devices, including texts, passwords, calls, microphone, camera, and apps.
"We determined that the mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with the Pegasus spyware," Citizen Lab's researchers claim.
Citizen Lab claims that the zero-day exploit against iMessage, which it dubbed FORCEDENTRY, was effective against Apple's mobile devices, laptops, and watches.
More from CyberNews:
Subscribe to our newsletter