Apple update offers security patch to prevent spyware on devices
HOUSTON - Apple has issued a critical security update for iPhone users, that experts say should be installed right away. It closes a security flaw that researchers warn was being actively exploited to install spyware on phones.
Canadian researchers alerted Apple of the problem after they found spyware, called Pegasus, on a device from what's described as a Washington-based 'civil-society organization'.
Pegasus is often used by countries and law enforcement to track suspects, criminals, and adversaries. It has already been declared a national security risk, and its use is prohibited within the United States. But the lesson, say experts, is that hole was wide open on everyone's Apple devices.
RELATED: Apple issues significant security update for iPhones, iPads
You need to make sure that you patch your phone, now," says Houston tech expert Juan Guevara Torres. Like everyone with an iPhone, he got the notice late Thursday, from Apple, pushing an unexpected iOS update that simply says it includes a "security update".
The reality is that someone had found a backdoor in Apple's operating system to insert the Pegasus spyware, embedded in innocent-looking messages, like pictures, that self-installs as soon as it's clicked.
"That picture gives them absolute, 100% access to the phone: camera, microphone, messages, contacts, email. Everything," says Guevara Torres.
Bree Fowler, who writes about cybersecurity and digital privacy for CNET, says it's easy to overlook a software update that might seem inconvenient, "I have, actually, not done this, myself, yet, and I need to go ahead an do it."
DOWNLOAD THE FOX 26 HOUSTON APP BY CLICKING HERE
She says ignoring the update would be a mistake, despite the fact that Pegasus is expensive and time-consuming to use, and likely doesn't target most ordinary citizens. "If you're a captain of industry, or a human right activist, or a journalist, you definitely need to be concerned about this," says Fowler, "But for the average person, the odds of you being targeted are pretty minimal."
The suggestion is that users update their devices to iOS 16.6.1, as recommended in the device update queue.
Additionally, those who may face an "increased risk" can use the Lockdown Mode, which is Apple's emergency protection that reduces cyberattacks. So far, there's been no similar warning about Android phones.