Friday, March 14, 2025
info@businessmayor.com
Businessmayor logo
science

Update your iPhone NOW: Apple issues an urgent software update – here's how to install it on your smartphone

businessmayor
scienceSeptember 8, 2023
posted on


  • Embarrassing bug comes four days before the announcement of a new iPhone
  • Apple has had to roll out a last minute software update – here’s how to get it

By Jonathan Chadwick For Mailonline

Published: | Updated:

Just six weeks since it released its last software update, Apple has had to issue an urgent follow up.  

iOS 16.6.1, released globally on Thursday, fixes a security bug that leaves iPhones vulnerable to ‘spyware’ – software that steals information from a device. 

Apple was alerted to the bug by the University of Toronto’s Citizen Lab, which said it is ‘capable of compromising iPhones without any interaction from the victim’.  

In a web post about iOS 16.6.1, Apple confirmed the new update ‘provides important security fixes’ without giving any additional details, although it did acknowledge Citizen Lab experts ‘for their assistance’. 

Apple is due to announce a brand new mobile operating system, called iOS 17, along with the new iPhone 15 next week

Apple confirmed the update 'provides important security fixes' but it wouldn't confirm any further details

Apple confirmed the update ‘provides important security fixes’ but it wouldn’t confirm any further details

How to install the ‘urgent’ iPhone update 

  1. Go to the Settings app on your iPhone (denoted by the cog or gear icon)
  2. Select ‘General’ followed by ‘Software Update’
  3. Tap ‘Download and Install’  

Unfortunately, the bug is too dangerous to wait for the release of iOS 17 (expected later this month) so Apple has had to quickly roll out this latest version of 16.6. 

Read More   Disasters and Environmental Laws - Have We Learned Our Lesson? - JD Supra

To install the urgent update, users just need to head to their iPhone Settings and select ‘General’ followed by ‘Software Update’.

A fact box about iOS 16.6.1 should appear with the message: ‘This update provides important security fixes and is recommended for all users.’ 

Tapping ‘Download and Install’ should start the update, which could take a few minutes to complete. 

Apple said the update is also available for iPadOS, the operating system running on its iPads. 

The tech giant said: ‘For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.’

Apple is already expected to announce a brand new mobile operating system, called iOS 17, along with the new iPhone 15 next week . But it's had to quickly roll out this latest update to its current system iOS 16 due to the potential dangers of the bug

Apple is already expected to announce a brand new mobile operating system, called iOS 17, along with the new iPhone 15 next week . But it’s had to quickly roll out this latest update to its current system iOS 16 due to the potential dangers of the bug

However, Citizen Lab provides plenty more details about the vulnerability, which is being used by cybercriminals to deliver the notorious ‘Pegasus’ spyware, created by Israeli firm NSO Group. 

In a blog post, Citizen Lab said it uses an ‘exploit chain’ method – one involving multiple vulnerabilities to compromise the victim step-by-step – but without any interaction from the victim (‘zero click’). 

‘Citizen Lab immediately disclosed our findings to Apple and assisted in their investigation,’ the research group said. 

‘We expect to publish a more detailed discussion of the exploit chain in the future.

‘We urge everyone to immediately update their devices.

‘This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware.’

Read More   China, ROK illuminate science, tech innovation - Opinion - Chinadaily.com.cn - China Daily

Citizen Lab also advised any unnamed iPhone user ‘who may face increased risk because of who they are or what they do’ to enable Lockdown Mode, Apple’s security feature first released last year

Citizen Lab provides plenty more details about the vulnerability, which is being used by cybercriminals to deliver the notorious 'Pegasus' spyware, created by Israeli firm NSO Group (file photo)

Citizen Lab provides plenty more details about the vulnerability, which is being used by cybercriminals to deliver the notorious ‘Pegasus’ spyware, created by Israeli firm NSO Group (file photo)

Citizen Lab also advised any iPhone user 'who may face increased risk because of who they are or what they do' to enable Lockdown Mode, Apple's security feature first released last year

Citizen Lab also advised any iPhone user ‘who may face increased risk because of who they are or what they do’ to enable Lockdown Mode, Apple’s security feature first released last year  

When a device is in Lockdown Mode, apps, websites and features are restricted for security reasons, and others are completely disabled.

For example, most message attachment types in the Messages app other than images are blocked and other features, like link previews, are disabled.

Lockdown Mode is an optional protection for users who face ‘grave, targeted threats to their digital security’, like journalists and activists, Apple said. 

PEGASUS: HOW POWERFUL SPYWARE USED TO HACK JOURNALISTS WORKS 

Pegasus is a powerful piece of ‘malware’ – malicious computer software – developed by Israeli security firm NSO Group.

This particular form of malware is known as ‘spyware’, meaning it is designed to gather data from an infected device without the owner’s knowledge and forward it on to a third party.

While most spyware is limited in scope – harvesting data only from specific parts of an infected system – Pegasus appears much more powerful, allowing its controller near-unlimited access to and control over an infected device.

This includes accessing contact lists, emails, and text messages, along with stored photos, videos and audio files.

Pegasus can also be used to take control of the phone’s camera or microphone to record video and audio, and can access GPS data to check where the phone’s owner has been.

Read More   Just 2 hours is all it takes for AI agents to replicate your personality with 85% accuracy

And it can also be used to record any new incoming or outgoing phone calls. 

Early versions of the virus infected phones using crude ‘phishing’ attacks in which users are conned into downloading the virus on to their own phones by clicking on a malicious link sent via text or email.

But researchers say the software has become much more sophisticated, exploiting vulnerabilities in common phone apps to launch so-called ‘zero-click’ attacks which can infect devices without the user doing anything.

For example, in 2019 WhatsApp revealed that 1,400 people had been infected by NSO Group software using a so-called ‘zero day’ fault – a previously unknown error – in the call function of the app.

Users were infected when a call was placed via WhatsApp to their phones, whether they answered the call or not.

More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. 

Apple says it is continually updating its software to prevent such attacks, though human rights group Amnesty says it has uncovered successful attacks on even the most up-to-date iOS systems.

NSO Group says that Pegasus can also be installed on devices using wireless transceivers located near the target, or can be booted directly on to the device if it is stolen first.  





READ SOURCE

You Might Also Like

Recommended For You

This website uses cookies. By continuing to use this site, you accept our use of cookies.