Apple has released security updates for a newly discovered zero-day vulnerability that affects every iPhone, iPad, Mac and Apple Watch.
According to a statement signed by National Information Technology Development Agency (NITDA) Head, Corporate Affairs and External Relations Unit
Mrs Hadiza Umar, “Research revealed that, the zero-click exploit, which targets iMessaging, is used to illegally spy on iOS devices.
An attacker infects and exploits an Apple device without the victim’s knowledge or the need for the victim to carry out any action.”
The statement further revealed the impact of the attack, saying that, “A spyware called Pegasus gets deployed into targeted device, turns on the camera and microphone to record messages, texts, emails and calls, even if sent via encrypted messaging apps.
Once the attacker has control of the device, the attacker compromises the user’s credentials, gains access to entire infrastructure, identify sensitive assets and move laterally within the network.”
This attack affects products like iOS versions – 14.4 and 14.6.
“Users are strongly advised to immediately update their iOS devices with latest patches iOS 14.8. Updates are available for free from Apple.
Recommended steps to update iOS, “Plug your device into power and connect to the internet with Wi-Fi, Go to settings > General, then tap Software update, tap Install Now. If you see Download and Install instead, tap it to download the update, enter your passcode, then tap Install Now. After the install process begins, a message that says “Verifying Update” appears; wait for it to finish.
After verification is complete, your device will restart then the Apple logo and a small progress bar in the center of the screen; when installation is complete, you can unlock and use your iPhone again as usual.
To install patches on Apple watch: Open the Apple Watch app on your iPhone; tap My Watch, go to General > Software Update, then, if an update is available, tap Download and Install.