Apple has released a new security update for its iPhone, iPad, MacBook, and Apple Watch to address two zero-day vulnerabilities. Zero-day vulnerabilities are security flaws that are unknown to the software vendor and have not yet been patched. This makes them a serious threat, as attackers can exploit them without any resistance from the software.

iPhone iOS 16.6.1 Zero Day vulnerability update

The vulnerabilities addressed in the latest update are CVE-2023-41064 and CVE-2023-41061. They allow attackers to install malware on a device by loading a malicious image or attachment. The malware can then be used to steal data, track the user’s location, or take control of the device.

These vulnerabilities were first reported by the Citizen Lab, a spyware research group, at the Munk School of Global Affairs & Public Policy at the University of Toronto. Citizen Lab says that the vulnerabilities were being used to install NSO Group’s Pegasus mercenary spyware onto the iPhone. Not in the know, Pegasus is a powerful spyware tool that infects a phone and sends back data, including photos, messages, and audio / video recordings.

So it’s recommended that all users update their devices to the latest version of iOS, iPadOS, macOS, and watchOS as soon as possible. The updates can be downloaded from the Settings app. 

This is the second zero-day vulnerability that Apple has patched in recent months. In July, Apple released an update to address a zero-day vulnerability that was being exploited by attackers to install malware on iPhones and iPads.

The frequency of zero-day vulnerabilities is increasing, and it is important for users to keep their devices up to date with the latest security patches. By doing so, they can help to protect themselves from these serious threats.

Related:

(Via)

RELATED ARTICLESMORE FROM AUTHOR