Update Required: zero-day zero-click vulnerability found in Apple iMessage
All users of the Apple iMessage communication software should update right away. A vulnerability that requires no user interaction is being actively exploited in the wild.
103 Words
2021-09-13 10:27 -0500
Citizens Lab discovered a vulnerability in the Apple iMessenger application that requires no user interaction to exploit.
What does this mean in laymen’s terms? It’s possible for anyone to send your phone or computer a specially crafted text message which allows them to take over control of your device(s). This includes reading your private messages, viewing your camera, listening to your conversations, or accessing any information stored on or accessed by your device.
This is not a wait until tonight update. Do it now:
Additional details here:
- Citizens Lab report: https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
- CISA bulletin: https://us-cert.cisa.gov/ncas/current-activity/2021/09/13/apple-releases-security-updates-address-cve-2021-30858-and-cve
- Apple’s update information (not much useful information here): https://support.apple.com/en-us/HT201222