Apple patches two zero-day vulnerabilities exploited by Pegasus
Articles by the same author:
1
2
3
04.05.24 Digital Sovereignty
DMA: European Commission to investigate Alphabet, Apple and Meta
Read
02
MIN
4
Vulnerabilities covertly grant control over iPhone.
On September 7, 2023, a security update corrected two zero-day and zero-click flaws in the latest version of iOS (16.6). According to the Citizen Lab of the University of Toronto, these vulnerabilities allow spyware, such as Pegasus, to covertly take control of an iPhone without leaving the slightest trace of device compromise.
Cybersecurity researchers discovered the two flaws by analyzing an iPhone Pegasus had infected. The Citizen Lab declared it had “immediately sent its findings to Apple and helped them with the investigation.”
Researchers explain that the “Lockdown” mode, an extreme protection protocol rolled out on iOS at the end of 2022, made it possible to resist exploitation of the vulnerabilities. Apple stated they were “aware of a report indicating the issue may have been actively exploited,” but provided no further commentary.