According to security researchers, the bug, which was unveiled by Citizen Lab on Monday, a hacker using the NSO’s malware Pegasus, gained access to a device owned by a Saudi activist.
Apple Inc. said it had fixed a security flaw in the Messages app on all of its key devices, which, according to security researchers, had been actively exploited by the NSO group in Israel.
According to security researchers, the bug, which was unveiled by Citizen Lab on Monday, a hacker using the NSO’s malware Pegasus, gained access to a device owned by a Saudi activist. Apple said the error could be exploited if a user on a vulnerable device received a ‘maliciously crafted’ PDF file.
The malware did not require victims to handle the file. According to a report released by Citizen Lab, a cyber research unit at the University of Toronto, it was enough to infect their devices.
“Apple is aware of a report that this issue may have been actively exploited,” the iPhone maker said on its website.
Apple is uploading the bug to the iPhone, iPad, Mac and Apple Watch via software updates of iOS 14.8, iPadOS 14.8, macOS 11.6 and watchOS 7.6.2. The software release comes the day before Apple’s production event on September 14, which will likely prompt the release of iOS 15, Apple’s next major software update, which will include additional security protection.
“NSO Group will continue to provide life-saving technologies to intelligence and law enforcement agencies around the world to combat terrorism and crime,” the company said in a statement.
The NSO group has been repeatedly criticized by Citizen Lab and other organizations after its spyware was discovered on the phones of activists and journalists who are critical of repressive regimes. NSO Group has insisted that the spyware is intended to combat terrorism and crime, not to help with human rights violations.
Apple shares changed little in expanded trading after closing at $ 149.55 in New York.