An employee of the Washington DC-based civil society organization Citizen Lab, John Scott-Railton, discovered a zero-click vulnerability that spread Pegasus spyware. He said that this spyware could automatically infect the latest iOS systems without any click.
As compiled by Meteron Monday (9/11/2023), Citizen Lab, which is also active in maintaining government security systems, explained in a blog post that victims can be targeted by the malware without clicking, tapping or opening any attachments.
“The exploit chain managed to compromise iPhones running the latest version of iOS (16.6) without any interaction from the victim. After discovering the zero-click vulnerability, we notified Apple and the company thanked them for helping with the investigation,” Citizen Laboratory wrote.
Apple said one of the bugs, tracked as CVE-2023-41064, leaves iPhone, iPad, Mac and Apple Watch, as well as other devices, vulnerable to attacks while processing malicious images. Likewise, another bug, CVE-2023-41061, could make devices vulnerable.
Apple said it was aware of reports that this issue may have been actively exploited and declined to comment further on either bug. The tech giant only confirmed that it has provided a patch patch.
For more information, this isn’t the only time Apple has revealed a zero-day bug this year. Last June, the company fixed two bugs exploited in a campaign that Russia blamed on the United States.
Follow Okezone news on Google News
The following content is presented by the advertiser. Okezone.com journalists are not involved in this content material.
Quoted From Many Source