Apple® Issues Patch to Fix Spyware Vulnerability

Publish Date

Type

Cyber Alert

Topics

  • Cybersecurity

A vulnerability has been discovered in Apple® products that enables the installation of unauthorized software without the user's permission. The vulnerability is actively used to install Pegasus spyware on devices, allowing user activities to be surveilled by an external party. The spyware has been discovered in use on the phones of activists, dissidents, journalists, and others. Now exposed, others may use this vulnerability for criminal purposes.

Apple has released updates to its operating system software in response to the discovered vulnerability. Upgrades are available for the iPhone, iPad, Apple Watch, and Mac computer.

ACA guidance

The existence of this zero-click vulnerability makes it likely to be exploited by others, and anyone can effectively be a target. As such, ACA recommends taking the following precautionary measures:

  • Urgently apply the operating system updates to all Apple devices.
  • Use a mobile device management system to enforce upgrades of software, monitor software upgrade status, and ensure secure configuration of mobile devices.
  • Strongly encourage third-party service providers to apply this update to their systems.

How we help

ACA Aponix® offers the following solutions that can help your firm stay in compliance with federal and state regulatory requirements, and enhance its cybersecurity in general.

Download our Aponix Protect cybersecurity solution brochure.

If you have any questions, please contact your ACA Aponix consultant or contact us here.

Join us for a live webcast

Cybersecurity Budgets, Investments, and Initiatives

 

 

Cybersecurity and risk management leadership are gearing up for their budget season. To help you prepare, we are hosting an open discussion and Q&A session to review peer trends for cybersecurity budgets, investments, and initiatives as you head into next year. Register

This is the first in a monthly series of fireside chats to help CISOs and IT professionals gear up for 2022. Be on the lookout for invitations to our future webcasts.