Apple Releases Updates to Address Active Zero-Click, Zero-Day Exploits

Got an iPhone, iPad, Mac, or Apple Watch?

Go on and go update it.

NOW.

No, really.

Why the fuss? These updates close some really nasty holes in each of these various devices.

How nasty? Is this nasty enough for ya?

CVE-2021-30860 allows commands to be executed when files are opened on certain devices. Citizen Lab noted that the vulnerability would give hackers access without the victim even clicking anything.

https://www.zdnet.com/article/apple-releases-update-fixing-nso-spyware-vulnerability-affecting-macs-iphones-ipads-and-watches/

What this means in everyday terms is that these are exploits out in the world RIGHT NOW that allows an attacker to gain access to your phone. Access to things such as:

  • A device’s camera
  • A device’s microphone
  • Messages
  • Text
  • Emails
  • Call history
  • And more

The scariest part of this, is that you don’t have to do anything at all to fall victim to it. Nope, NOTHING. No clicking on a suspicious link, or opening a bad email attachment. That’s what “zero-click” means: no user interaction is required. The “zero-day” term in the article means that this vulnerability was being active exploited even before Apple knew about it.

Okay, so now that you’ve read everything, hopefully you’ve updated your various iDevices by now. If not…

Go on, go update!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.