Apple releases OS updates to fix spyware hack uncovered by University of Toronto researchers

These updates have dropped just ahead of the tech giant's big iPhone 13 reveal event

Apple's spaceship office

Just ahead of Apple’s iPhone 13 reveal event, the tech giant has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2 and macOS Big Sur 11.6 to solve a pair of significant security issues affecting several of its devices.

All four updates don’t add new features to their respective devices’ operating systems but include important security fixes. The first fix relates to iOS’, iPadOS’ and macOS’ CoreGraphics framework and the other is tied to Apple’s WebKit browser feature.

Pegasus security update

Apple says that it became aware of vulnerabilities that take advantage of these frameworks to run malicious code. For example, regarding the CoreGraphics exploit, apple mentions that a “maliciously crafted PDF” could lead to “arbitrary code execution.”

According to The Washington Post, one of the flaws was uncovered by the University of Toronto’s Citizen Lab and is linked directly to Pegasus spyware. Alongside Apple, Citizen Lab advises Apple users to update their devices as soon as possible.

Check out Citizen Lab’s website for a very detailed breakdown of the exploits.

Source: Apple, The Washington Post