'iOS 14.7.1 update fixes Pegasus leak'

0
139

Apple mentions an issue in the iOS 14.7.1 security update that can cause memory corruption. There is some evidence that this is in reality a fix for an exploit that has been making quite the headlines in recent weeks. According to Amnesty International, receiving a certain iMessage message is enough to become infected and ensure access to personal data. Analysis shows that this happened with a memory overflow, which matches Apple's description of the problem. Apple also says that the vulnerability may have been actively used, which is certainly the case with the NSO leak.

According to The Register, there is a clear link between this zero-day vulnerability fix and the Pegasus spyware. Bug CVE-2021-30807 was found in the IOMobileFrameBuffer code, a kernel extension that allowed malicious code. Bug CVE-2021-30807 was reported by an anonymous researcher. Apple won't say who exploited the bug or whether it has anything to do with the NSO Group's Pegasus spyware. This organization has previously responded by saying that ordinary people have nothing to fear.

Pegasus is spyware, which is maintained and licensed by the NSO Group company. It is made available to governments, who use it to retrieve information from iPhones and Android devices and track the owner. Amnesty International and other organizations accused NSO of not being candid about who uses the Pegasys spyware and how often it is deployed. NSO would hand out digital weapons without checking who uses them and without performing a background check. It could be hundreds, but also tens of thousands of victims. The attack was carried out via iMessage on the iPhone 11 and 12 series.

Shortly after Apple responded to the discovery, the code was posted on Twitter. Security researcher Saar Amar would have discovered the leak four months earlier, but had not reported it because he wanted to report his discovery as best as possible. Now that everything is already known, he has made a blogpost about his findings. Other security researchers have called on Apple to prioritize these kinds of vulnerabilities. For example, cryptography expert Matthew Green called on Apple to largely rewrite iMessage's code, in a way that is better protected against memory bugs. Security researcher Will Strafach believes Apple should make it easier for researchers to find out how such attacks take place so that underlying vulnerabilities can be found faster.