Cybersecurity researchers find major flaw on Apple devices

Photo (c) Bill Hinton -- Getty Images

The company has released a patch and asks users to update their devices ASAP

On the day it planned to roll out its new iPhone, Apple instead has been stunned by the discovery that cyber attackers may have found a way to worm their way into an array of Apple-made products from the iPad to the Apple Watch.

The company is on the case, actively patching two vulnerabilities in its software that allows hackers to take command of its devices. An inventive bunch, those cyber thugs — Apple said that an attacker can actually trigger an iOS-run device to run deviant computer code, such as downloading a malicious program from the internet onto the user’s device. 

This is Apple's second major security flaw in as many months.

What to look for and what to fix

In PCMag’s coverage of the situation, one way an attack can happen comes via iMessage, where the attacker sends a mischievous PDF. Security analysts at Citizen Lab have concluded that the attackers use the vulnerability to spread the Pegasus — a particularly nasty spyware program — which can clandestinely take over an iPhone.

Not to be left out of the flaw circus, researchers at Citizen Lab also found that suspicious animated GIFs masquerading as Adobe PDFs are also able to exploit Apple’s flaw. Like Apple, this is also Adobe's second recent run-in with security issues — the first coming in mid-August when it found a vulnerability in its iOS and Windows versions of Photoshop.

Apple immediately released a system software update designed to patch the issue. The company is advising owners of Apple devices to update them immediately. 

Here is a list of the devices affected by the breach and links to the security update. You can also follow Apple’s suggested method for updating your device’s system software.

Security Update Link

Apple Product

Safari 14.1.2

macOS Catalina and macOS Mojave

Security Update 2021-005 Catalina

macOS Catalina

macOS Big Sur 11.6

macOS Big Sur

watchOS 7.6.2

Apple Watch Series 3 and later

iOS 14.8 and iPadOS 14.8

iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Take an Identity Theft Quiz. Get matched with an Authorized Partner.