Critical iPhone Security Alert: Update Now to Protect Against Pegasus Spyware

Politics, News Sept. 10, 2023, 3:12 p.m.

Apple urgently released a security update for iOS 16.6 due to a zero-click vulnerability that allowed Pegasus spyware infiltration. Users must update their iPhones immediately to safeguard against potential threats.

Attention iPhone users: Immediate action is required if your device is currently running the latest iOS version 16.6. Apple has just issued a critical security update in response to a zero-click vulnerability that allowed the notorious NSO Group's Pegasus spyware to infiltrate iPhones without any user interaction. This exploit poses a severe threat as Pegasus spyware can clandestinely track your location, eavesdrop on your calls, intercept messages, and gain access to your device's camera and microphone. To safeguard your iPhone, it is imperative to download and install the latest update without delay.

The zero-click vulnerability was first unearthed by the University of Toronto's Citizen Lab, which promptly alerted Apple and provided detailed insights into the issue in a blog post aimed at assisting iPhone users. While Apple's security update announcement lacked specific details, it did acknowledge the pivotal role played by Citizen Lab in identifying and addressing the vulnerability.

Citizen Lab stumbled upon this alarming security flaw when examining an iPhone belonging to an individual affiliated with a Washington D.C.-based civil society organization. This organization was certain that the vulnerability was being exploited to deploy NSO Group's Pegasus spyware. What makes this exploit particularly menacing is its capability to infiltrate iPhones running iOS 16.6 "without any interaction from the victim," hence the term "zero-click vulnerability." Citizen Lab elucidates that the malicious attack involved the dissemination of PassKit attachments containing malicious images sent from the attacker's iMessage account to various targets.

While Citizen Lab promises a more comprehensive discussion on this specific exploit chain, dubbed BLASTPASS, in the future, it is imperative not to delay the crucial step of updating your device. The urgency lies in the fact that iPhones running iOS 16.6 are currently exposed to this threat, and the only effective defense is immediate updating.

For those who believe they may be at higher risk due to their profession or role, Citizen Lab recommends enabling Lockdown Mode on your iPhone. According to the organization, "We believe, and Apple’s Security Engineering and Architecture team has confirmed to us, that Lockdown Mode blocks this particular attack." Even if your occupation doesn't entail a high-risk profile, it's a prudent measure to enable Lockdown Mode for enhanced security.

While updating your iPhone and enabling Lockdown Mode should be your foremost priorities, you can further fortify your device's security by conducting an emergency safety check. This check helps sever connections with unauthorized apps and individuals, providing an added layer of protection.

In light of this critical security news concerning iOS 16, the anticipation for iOS 17's forthcoming security features, announced during Apple's September 2023 event, becomes even more heightened. Stay vigilant and proactive in safeguarding your iPhone to ensure your digital privacy and security are preserved.