Because of NSO?
Apple has released a critical security update
"Malicious application may gain basic privileges": Technology giant has released iOS 15.3.1, which fixes a serious security breach.
According to reports, the vulnerability makes it possible to penetrate the device without the victim having to press - similar to the spyware of the Israeli company NSO
Yinon Ben Shoshan
12/02/2022
Saturday, 12 February 2022, 13:50 Updated: 14:01
Share on Facebook
Share on WhatsApp
Share on Twitter
Share on Email
Share on general
Comments
Comments
IPhones (Photo: Walla! Technology, Yinon Ben-Shoshan)
Apple this weekend released the iOS 15.3.1 and iPadOS 15.3.1 system updates for iPhones and iPads, with a critical focus on fixing a security breach that exploits the Webkit component - the engine responsible for displaying websites.
The vulnerability, known as "Zero Day", allows attackers to infiltrate the device easily, similar to the "Pegasus" spyware of the Israeli offensive cyber company NSO.
The vulnerability is based on vulnerabilities in software and operating systems that have not yet been discovered (hence the name "day zero"), and have probably not been addressed or shut down.
More on Walla!
These products are hijacked on Amazon.
Now they are also near your house
Walla!
In collaboration with Terminal X
Has the update been released due to Pegasus software (Photo: Flash 90, Jonathan Zindel)
The company's official website about the security update states that "processing a maliciously crafted file may result in arbitrary code execution."
The company's website further states that "a malicious application may be able to obtain base permissions, and Apple is aware of a report that this problem may have been actively exploited."
The update is available for iPhone 6s and above, iPad Pro (all models), iPad Air 2 or later, iPad 5th generation or later, iPad mini 4 or later and iPod Touch (7th generation)
.
To update your device click on "Settings"> "General"> "Software Updates".
"The new vulnerability discovered in iOS is exploited by processing content that originates from the browser and contains malicious content that could lead to remote code execution on the device - thus enabling operations without the user's knowledge," says Sahar Avitan, CEO and owner of Kayran
. Apple, attackers have already begun exploiting the vulnerability in outdated devices.
Similar to NSO's Pegasus, an application belonging to Apple was used here as well.
It is important to remember that companies release security updates not for nothing, and should be updated immediately as soon as the device receives it in order to prevent future damage. "
technology
Privacy and security
Tags
Dark
NSO