Apple released an update to iOS 16 that fixes a critical vulnerability capable of injecting Pegasus into your iPhone without you realizing it. The new version of the operating system for the apple mobile —iOS 16.6.1— is now available and it is recommended that you install it right now.
The vulnerability in question was discovered by The Citizen Lab, the cybersecurity team belonging to the University of Toronto, which gave quick notice to those in Cupertino so that they take the necessary measures to remedy it.
The curious thing about the case is that, as soon as the Pegasus scandal broke out, Apple updated its software to close any security gap that allowed its installation. It even launched a system to alert users if it believed that their mobile had been infected with spyware.
However, Canadian experts found a “zero click” vulnerability in iOS 16.6 that was being actively exploited to install Pegasus. He exploit It’s called BLASTPASS and it doesn’t require any interaction from the victim to take action.
It is worth noting that the update to fix this critical security issue is not limited to iPhones compatible with iOS 16.6. Apple has also released iPadOS version 16.6.1, so users are advised to install this patch on all supported iPads.
Install iOS 16.6.1 and iPadOS 16.6.1 now
The Citizen Lab and Apple have not provided further technical details on how the vulnerability that allows Pegasus to be installed in iOS or iPadOS 16.6 works. But they have explained that the infection with the spyware It can be given in a relatively simple way.. The attack uses PassKey attachments, the Wallet framework, and Apple Pay to send infected images to the victim via iMessage.
It is expected that there will be more news regarding this security breach soon. But until that happens, it’s important that users don’t overlook updating to iOS 16.6.1 and iPadOS 16.6.1.
Keep in mind that the patch is compatible with all Apple smartphone models, from the iPhone 8 and 8 Plus onwards. For its part, the new version of iPadOS can be installed on all iPad Pro, iPad Air from third generation onwards, as well as on iPad and iPad mini from fifth generation or later.
Note that if you do not receive an automatic notification to install the patch that prevents Pegasus attacks on your devices, you can manually check for the update. To do this you must open the section settings iOS 16.6 and iPadOS 16.6, enter the section General and select Software update.
Pegasus returns to the attack
Despite the steps Apple has taken to counter infections with the nefarious NSO Group spyware, it’s clear that they are continually looking for new ways to get it onto their devices. Let’s not forget that, despite the fact that the company behind Pegasus fired its CEO and began a restructuring process, its flagship product is still used to spy on politicians, journalists and activists around the world.
In fact, this year it became known that Pegasus is still very active in Mexico, which today is the main client for spyware. Therefore, even if you think that you are not a feasible target to be attacked with this threat, do not take risks. If you’re using a compatible iPhone or iPad, update to iOS 16.6.1 and iPadOS 16.6.1 now.