Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Nittala Sri Manish

September 16, 2021

Apple released an emergency software update to avoid getting affected by a potentially harmful attack; users should immediately update their iOS devices to install an emergency patch. NSO Group created this patch to prevent exploitation. The company released several security updates on Monday, September 13, which include fixes for various issues. One of the fixes it released was for a vulnerability that it said was likely exploited. Citizen Lab described several distinct elements that give researchers high confidence that the exploit can be tied to the secretive Israeli spyware maker NSO Group, including a forensic artifact called Cascade Fail. The forced entry was successfully deployed against the latest IOS versions 14.4 & 14.6. Cascade Fail is a bug whereby "evidence is incompletely deleted from the phone's Data Usage. SQLite file," according to Citizen Lab. But, as Hank Schless, Senior Manager of security solutions at endpoint-to-cloud security company Lookout, points out, the narrative is now relatively straightforward. "The recent revelation of 50,000 phone numbers linked to the targets of NSO Group customers was that all people saw the full extent of NSO's claims," ​​he told Threatpost on Monday. It can now be deployed as a zero-click exploit, meaning that the target user does not need to tap a malicious link for the surveillance software to install.

Abridged fromThreat Post