Apple has launched the iOS 14.8 update to correct a bug linked to spyware Pegasus of the Israeli company NSO, which infected 50,000 mobile phones of journalists, activists and politicians around the world.
An investigation by the media consortium Forbidden Stories and Amnesty International determined that 50,000 phones from around the world could be targeted by Pegasus spyware from the Israeli company NSO, as it became known in July.
Pegasus is a remote access tool with spyware capabilities‘, with which you can remotely monitor a person’s mobile and access elements such as the camera or microphone, or perform actions such as screenshots or the recording of keystrokes.
It affects both Android and iOS devices, through zero day vulnerabilities .Unknown unknown to users and manufacturers. or through ‘spear phishing’, that is, tricking the user into clicking on a malicious link.
Pegasus also uses the attack mechanism known as ‘zero.click’, whereby no user action is required for spyware to install, as The Citizen Lab alerted.
Apple has released this Monday an update for its mobile operating systems (iOS 14.8 and iPadOS 14.8) that corrects a bug in CoreGraphics discovered by The Citizen Lab (CVE.2021.30860) and with impact on the processing of a maliciously crafted PDF that may lead to arbitrary code execution–
It also fixes a bug in WebKit (CVE.2021.30858), where arbitrary code could be executed with the processing of web content created for malicious purposes, as stated on the security updates page.
Updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).