Last Updated on
Last Updated on
Following the Apple iPhone security breach which allowed NSO Group’s Pegasus spyware to track journalists, activists, and people of interest, Apple has now released the iOS 14.8 update. Originally identified by Citizenlab, the Forcedentry exploit targets Apple’s image rendering library, providing a backdoor into iOS, macOS, and watchOS devices. It’s highly recommended to get the Apple emergency security update as soon as possible.
Based in Israel, the NSO, named after its founders Niv Carmi, Shalev Hulio, and Omri Lavie, formed in 2010 and have global operations under various monikers. Although they officially provide technology and software that helps ‘authorized governments’ tackle terrorism and other crimes, leaks confirmed by multiple news outlets prove their Pegasus malware was licensed to the government to spy on whoever they deemed a ‘person of interest’.
Citizen Lab uncovered why an iPhone security update was required back in August, where they confirmed multiple Apple iPhone security breaches had occurred against iOS update 14.8 (released in May 2021). After examining previous backups of the hacked iPhone pre-iOS 14.8 update, the source of the malware infection was .GIF files sent via SMS messages, which were actually malicious .PDF files. Kudos to the Apple emergency security update team, who patched up this exploit on 13th September having been made aware (with evidence) on 7th September.
Go to Settings > General > Software Update. Make sure to plug in and have at least 50% battery life before starting the iPhone Update 14.8.
From the Apple menu in the corner of your screen, choose System Preferences > Software Update > Update Now. If using a Macbook, make sure the Mac is plugged into a power outlet with 50% battery life.
Open the Apple Watch App on your iPhone, then go to My watch > General > Software update. This over-the-air update shouldn’t require the iWatch to be plugged in, just make sure it’s fully charged.