apple, apple inc, iphone, ipad, ipod touch, ipod nano, apple tv, ipod shuffle, iphone 6, iphone 6s, ios 9, ios9, itunes, i mac, mac os x, mac osx, apple computer, apple computer inc., mac os x, imac, ibook, mac pro, macbook pro, magic pad, magic mouse, ipod classic, app store, itunes store, ibook store, mac book, microsoft, adobe, research in motion, rim, nokia, samsung, google, nvidia, intel

Apple on Thursday pushed out updates for older versions of its iOS and macOS operating systems, patching three zero-day vulnerabilities including a bug that was likely exploited in the wild by NSO Group's Pegasus spyware.

Earlier today, Apple issued iOS 12.5.5 with a fix for CoreGraphics flaw that allows attackers to execute arbitrary code on a target device through a maliciously crafted PDF. The vulnerability may have been exploited in the wild, according to a support document detailing the update's security content.

Impacting a range of iPhone and iPad models, including iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and sixth-generation iPod touch, the CoreGraphics zero-day was discovered by Citizen Lab, an interdisciplinary laboratory at the University of Toronto's Munk School of Global Affairs. The group's involvement strongly suggests NSO deployed the exploit to deploy its Pegasus tool on target devices.

Citizen Lab has been following NSO and its impact on technology human rights and the global political landscape for years. Over the past few months, the initiative discovered multiple zero-day vulnerabilities tied to the Pegasus spyware, which is allegedly used by authoritarian governments to hack and surveil iPhones and other iOS devices used by journalists, activists, government officials and other persons of interest.

Pegasus is sometimes deployed as a zero-click attack. In August, it was reported that a so-called "ForcedEntry" attack vector was used to bypass Apple's new BlastDoor security protocols in Messages, allowing insertion of Pegasus on a Bahraini human rights activist's iPhone 12 Pro. Apple subsequently released a fix for impacted iOS 14 versions earlier in September. Separate attack vectors reportedly involved Photos and Apple Music.

The Citizen Lab discoveries brought public attention to the potential for abuse of Pegasus by government entities. In July, Israeli government officials visited the offices of NSO as part of an investigation into the spyware.

Internet Explorer Channel Network


LATEST NEWS

NEWS RELATED

Compared: New 14-inch MacBook Pro versus 13-inch M1 MacBook Pro versus Intel 13-inch MacBook Pro

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple has finally launched the much-wanted 14-inch MacBook Pro with Apple Silicon, but it’s kept the 13-inch model in the lineup…

Read more: Compared: New 14-inch MacBook Pro versus 13-inch M1 MacBook Pro versus Intel 13-inch MacBook Pro

Apple's 2021 MacBook Pro (14" and 16") is already on sale, save up to $355

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple’s MacBook Pro 14-inch and 2021 16-inch were announced mere hours ago, but exclusive deals are already in effect on the…

Read more: Apple's 2021 MacBook Pro (14" and 16") is already on sale, save up to $355

Apple updates Final Cut Pro, Logic Pro for M1 Pro, M1 Max chips

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple on Monday announced updates to Final Cut Pro and Logic Pro that will allow both apps to take full advantage…

Read more: Apple updates Final Cut Pro, Logic Pro for M1 Pro, M1 Max chips

New M1 Pro, M1 Max MacBook Pros support more displays than M1 Macs

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. The new Apple M1 Pro and M1 Max processors expand the number of external displays you can connect to a MacBook…

Read more: New M1 Pro, M1 Max MacBook Pros support more displays than M1 Macs

Apple seeds iOS 15.1, iPadOS 15.1, tvOS 15.1, watchOS 8.1 release candidates

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple is now on the fifth — and possibly final — round of betas for iOS 15.1, iPadOS 15.1, tvOS 15.1,…

Read more: Apple seeds iOS 15.1, iPadOS 15.1, tvOS 15.1, watchOS 8.1 release candidates

New MacBook Pros chargeable via MagSafe 3 or Thunderbolt 4

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple’s new 16-inch MacBook Pro and 14-inch MacBook Pro models feature multiple ways to charge, including MagSafe 3 or the trio…

Read more: New MacBook Pros chargeable via MagSafe 3 or Thunderbolt 4

Apple's macOS Monterey release candidate beta is now available

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. As Apple inches ever closer to a final public release, it has offered the 11th beta and release candidate of macOS…

Read more: Apple's macOS Monterey release candidate beta is now available

macOS Monterey will be released on October 25

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. Apple has announced that the official release of macOS Monterey is on October 25, though the OS will not feature all…

Read more: macOS Monterey will be released on October 25

Apple unveils 16-inch MacBook Pro with M1 Pro, M1 Max

Apple debuts 14-inch MacBook Pro with HDMI, MagSafe, and a notch

Apple drops price of second-generation AirPods to $129

New MacBook Pro driven by M1 Pro & M1 Max processors

HomePod mini now comes in five colors

Apple introduces $4.99 Voice Plan for Apple Music

Apple's all-new AirPods support Spatial Audio for $179

Reddit's first live show is a Photoshop competition

OTHER NEWS