The company on Monday pushed out emergency security updates for iOS, macOS, and its other operating systems to plug a hole that threatened security on a range of devices.
Apple on Monday issued emergency security updates for iOS, macOS and its other operating systems to plug a hole that Canadian researchers claimed had been planted on a Saudi political activist’s device by NSO Group, an Israeli seller of spyware and surveillance software to governments and their security agencies. Updates to patch the under-active-exploit vulnerability were released for iOS 14; macOS 11 and 10, aka Big Sur and Catalina, respectively; iPad OS 14; and watchOS 7. According to Apple, the vulnerability can be exploited by « processing a maliciously crafted PDF, » which « may lead to arbitrary code execution. » The phrase « arbitrary code execution » is Apple’s way of saying that the bug was of the most serious nature; Apple does not rank threat level of vulnerabilities, unlike operating system rivals such as Microsoft and Google.
