If you have one of the best iPhones and it's currently running the latest version of iOS (16.6), update it ASAP. Apple has issued emergency security updates to fix two zero-day vulnerabilities in its iPhones, Pads and Macs that enabled Pegasus spyware to tap into a victim's device to view, listen to and watch their every move.
These new zero-day vulnerabilities were found in the Image I/O and Wallet frameworks, as reported by Bleeping Computer. Security researchers at the University of Toronto’s Citizen Lab first sounded the alarm last week about hackers using malicious attachments to execute arbitrary code on Apple’s smartphones and tablets. The organization, which promptly alerted Apple about the discovery, said it found evidence this vulnerability was “being used to deliver NSO Group’s Pegasus mercenary spyware.”
Spyware such as Pegasus, which has been traced back to the Israeli cyber intelligence group firm NSO, has been making headlines this year as an increasingly used tool to target iPhone users. The spyware can track a targeted device's location, monitor and record calls and messages, and access your camera and microphone — all with the user none the wiser.
A second zero-day vulnerability, this one uncovered by Apple, is a buffer overflow weakness in macOS Ventura that can be triggered when the operating system processes maliciously crafted images. When this happens, arbitrary code can be executed on unpatched devices.
Apple was quick to patch these zero-days with the release of iOS 16.6.1, iPadOS 16.6.1 and macOS Ventura 13.5.2, which added improved logic and memory handling. However, to prevent hackers from exploiting these vulnerabilities, you'll still need to install Apple's latest round of emergency security updates.
These zero-days impact both older and newer iPhones, iPads and Macs. The iOS 16.6.1 upgrade is available for the iPhone 8 and later, all models of the iPad Pro, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
How to keep your Apple devices safe from hackers
Your best defense to keep your iPhone, iPad and Mac protected from cyberattacks is to keep all of your devices up to date and running the latest software. Apple’s incremental iOS, iPadOS and macOS updates do more than just add nifty new features — they also often include security patches to address the zero-day vulnerabilities described above and other security flaws.
For added protection, you'll want to use the best Mac antivirus software on your Mac as there's been a surge in Mac malware in recent years, a trend that isn’t likely going to slow down anytime soon.
To keep your iPhone or iPad safe, Apple’s own malware scanning restrictions are the reason there isn’t an iOS equivalent of the best Android antivirus apps. But there is a workaround available. Intego Mac Internet Security X9 and Intego Mac Premium Bundle X9 can both scan an iPhone or iPad for malware when they’re plugged into a Mac using a USB cable.
More from Tom's Guide
