Daily US Times: Apple has launched a software patch to block so-called “zero-click” spyware that could infect iPads and iPhones.
Independent researchers identified the security blow, which lets hackers access devices through the iMessage even if users do not click on a link or file.
The problem affects all of Apple’s operating systems, the researchers said.
The technology giant said it issued the security update in response to a “maliciously crafted” PDF file.
The University of Toronto’s Citizen Lab first highlighted the issue. The lab had previously found evidence of zero-click spyware, but according to researcher Bill Marczak, “this is the first one where the exploit has been captured so we can find out how it works.”
The researchers said that the previously unknown security issue affected all major Apple devices, including Macs, iPads, iPhones and Apple Watches.
Citizen Lab also said the vulnerability was exploited to plant spyware on a Saudi activist’s iPhone, adding that it had high confidence that the Israeli NSO Group was behind that attack.
NSO said in a statement that it did not confirm or deny that it was behind the spyware. The Israeli company only said that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”.
Security experts have said that although the discovery is significant, most Apple users shouldn’t be overly concerned as such attacks are usually highly targeted.
You may read: Apple delays plan to scan iPhones for child abuse