Apple has just shared an important security update for iOS, iPad os and Macos: a group of researchers has discovered an hidden exploit in the Imassage code that allowed the famous spy pegasus software, of the Israeli company, could infect devices fromThis brand -iphone, iPad, Mac and Apple Watch-.

Los moderadores de WhatsApp leen millones de mensajes 'encriptados' al revisar las denuncias de la app

The American multinational warns in the description of iOS 14.8 For iPhone that “This update provides important security improvements and is recommended to all users” and with it responds to the security gap discovered by the Citizen Lab of the University of Toronto, Canada.

According to this organization, the Israeli Software company NSO Group has since February infecting iPhone phones and other Apple devices, taking advantage of a safety failure in the IMEssage instant messaging program, and affects both iOS (mobile operating system) and(computers) and watchos (watches).

'BrakTooth', la vulnerabilidad que está afectando a millones de dispositivos con Bluetooth a través de códigos maliciosos

To make sure your devices receive update, verify that you are using iOS 14.8, Ipados 14.8, Watchos 7.6.2, Macos Big Sur 11.6 and the 2021-005 security update for Macos Catalina.According to Apple, iOS and compatible iPads include: “iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, fifth generation and later iPad, iPad Mini 4 and later, and iPod Touch (Seventh Generation) ".

To update the operating system on an iPhone you must go to configuration/general/software update and download the iOS 14 version.8 -The process is practically the same for ipados and macos-.

How has the ruling occurred?

As we say, the ‘zero day exploit’ was discovered by cybersecurity researchers from Citizen Lab.In Apple terminology, the update is known as ‘CVE-2021-30860’ and accredits Citizen Lab for finding vulnerability.

Este cable, que podría confundirse con uno de carga que uses a diario, puede robar todos los datos de tu móvil

Those responsible for the discovery claim that they realized the “when searching on an infected phone with Pegasus that belonged to a Saudi activist”, and discovered that the Group NSO “had probably exploited a vulnerability called 'zero click' in Imassage so that Pegasuswill enter the device ".Everything that I had to do to enter the device of this activist was to send an invisible imissage loaded with malware without their knowledge, according to researchers.

Unlike most malware, this type of spyware is installed without the need for the user to perform any operation, simply exploiting a vulnerability of the system, and affects all versions of operating systems except for those issued this Monday.

Un millón de dólares a cambio de infectar las redes de tu propia empresa: la última táctica de los cibercriminales

Who is behind the exploit can do "everything an iPhone user can do on their device and more" once it is infected, the researchers said.This includes the monitoring of text messages or emails sent, calls made and the camera ignition without user knowledge.Even if these communications occur through an encrypted application, such as Signal or Telegram, Iso can still collect that data and transmit them to their clientele, reports The New York Times.

Sign up for our Newsletter and receive the latest news about technology in your mail.