Apple Emergency Update as of September 13, 2021
Apple Update 14.8 is an Apple security update that is designed to plug a vulnerability in iOS for malicious spyware. Updates for macOS Big Sur and watch OS have also been released.
You can read some of the patch notes for Apple Update 14.8 on Apple support – specifically for iOS 14.8 and iPadOS 14.8.
Read below to make sure you are fully protected by this urgent Apple security update!
What Is Apple Update 14.8?
Apple update 14.8 is primarily an emergency bug fix to iron out recently discovered vulnerabilities in the operating system.
It is strongly advisable that you update your operating system to iOS 14.8, and/or to macOS Big Sur 11.6 for those on a Mac, or to watch OS 7.6.2 for those with an Apple Watch.
What Is The Reason For The Apple Emergency Update?
Citizen Lab, an “interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto” which among other things, focuses on ” investigating digital espionage against civil society” and “analyzing privacy, security, and information controls of popular applications” discovered vulnerabilities in phones running iOS 14.6 back in August.
After some digging, it appeared that a bug in Apple’s CoreGraphics system left iOS devices vulnerable to a “zero-click” exploit – which basically means the user of the phone does not even have to accidentally access something in order for malicious software to infect their device. Effectively this means there is no way to prevent the attack without having the bug fixed. Evidence for malicious spyware was found by Citizen Lab on the phone of a Saudi Activist.
Since then, Apple have themselves found vulnerabilities within Big Sur and watch OS, and so have quickly rolled out a wide-ranging Apple Emergency update across all of their platforms.
Who’s behind the zero click malware?
The NSO Group, based in Israel, are the main suspects behind the creators of the Apple spyware which drew attention to the weakness plugged by Apple update 14.8. This controversial organization is a private company founded by ex-members of the Israeli Intelligence Corps, and the technology they created has been reportedly used (by others) for attacks against human rights activists and journalists in various countries around the world.