Skip to main content
  1. Home
  2. Mobile

Pegasus and BlastDoor are why you need to update your Apple devices immediately

By

The iPhone 13 may be ready to launch tomorrow, but Apple is working fast to patch a major vulnerability to its devices with a new update for iOS 14.8, iPad 14.8, and watchOS 7.6.2, none of which were given a beta test period first. While none contain major features as you might expect in advance of tomorrow’s “California Streaming” event, these are important security updates, as they contain fixes to two system vulnerabilities.

The potentially more serious one is Pegasus, which is an invasive spyware discovered by Israel’s NSO group. This “zero-click” exploit requires no input from a phone’s user to take effect, and was being used specifically against activists in Bahrain, including members of the Bahrain Centre for Human Rights. By defeating Apple’s BlastDoor security system, the ForcedEntry exploit was able to install the Pegasus spyware suite for purposes of surveillance.

Recommended Videos

According to the New York Times, the spyware is capable of infecting a wide range of Apple devices. Once infected, it can turn on your device’s camera and microphone, record messages, and access texts, emails, and calls, even ones that are encrypted.

Signal App
Signal

The second vulnerability allows attackers to get around BlastDoor, which was implemented in January in order to put a line of defense between the Messages app and the rest of iOS.

Related

Messages have traditionally been the weakest link in iOS devices’ security, as Apple didn’t do a great job of sanitizing incoming data from other users; at its nadir, it was possible for a bad actor to take control of someone else’s iPhone by sending it a specific text message or photo. BlastDoor works by filtering out incoming bad code.

According to the official patch notes, the new updates affect CoreGraphics and WebKit, and fix issues that affect “processing maliciously crafted” PDFs and web content. These issues, according to Apple’s characteristically vague policies, “may have been actively exploited.”

This follows up on the story that spread in July and August regarding a new hack, which University of Toronto researchers at the Citizen Lab called “ForcedEntry,” which was able to defeat BlastDoor.

It’s significant here that Apple’s new update comes one day ahead of its “California Streaming” event unveiling the iPhone 13 and other devices, and just ahead of the expected release of iOS 15. Monday’s update could thus be the last one for iOS 14, and comes at a time when it would otherwise be easy to miss. It’s reflective of the importance of the update that Apple released it at all, rather than simply kicking the can down the road and letting it get fixed with the iOS 15 rollout.

All three updates are available over-the-air at the time of writing and replace iOS 14.7.1, iPadOS 14.7.1, and WatchOS 7.6.1.

Editors' Recommendations

Topics
Thomas Hindmarch
Thomas Hindmarch
Contributing writer
Thomas Hindmarch is a freelance writer with 20 years' experience in the gaming and technology fields. He also writes for…
Apple’s Ceramic Shield may change your mind about an iPhone 14 screen protector
iPhone 13 Pro side view.

Just how much do you need a screen protector on your new iPhone 14? Screen protectors are like cases — we don’t always want to buy and use them but feel we should protect our investment from harm. But with that comes the expense, the awkwardness of fitting the things, and sometimes a change in the feel of the glass under our finger.

The iPhone 14 Pro uses a special type of protective glass Apple calls Ceramic Shield, which it says offers scratch resistance and four times the drop protection versus iPhone models without the special glass. Is there any point in fitting a screen protector to it, and if you don’t, what will your phone look like after a year? That’s what we’ve found out.
What is Ceramic Shield?
Ceramic Shield glass was introduced on the iPhone 12 series, was used on the iPhone 13 series, and is fitted to the new iPhone 14 models, too. It doesn’t matter whether you buy a regular iPhone 14, the iPhone 14 Pro, or the iPhone 14 Pro Max — it has Apple’s Ceramic Shield glass on the front. Like the familiar Gorilla Glass fitted on many Android devices, Apple’s Ceramic Shield has also been developed by experts at Corning.

Read more
iOS 16: Everything you need to know about 2022’s big iPhone update
Man holds an iPhone 13 Pro with the iOS 16 logo on screen.

Apple announced iOS 16 at WWDC on June 6, 2022. There, the company shared all the main crowd-pleasing features alongside its iPadOS 16 and MacOS Ventura previews. As of September 12, iOS 16 is now available as a free update for anyone with an iPhone 8 or newer. It will also ship the iPhone 14 with iOS 16 pre-installed for anyone who buys this year's newest iPhone.

Here's a quick look at everything coming from iOS 16.
iPhones that will get iOS 16
Apple is known for supporting its iPhones for extended periods compared to Android rivals. The Pixel 3 and 3a, for example, won't be getting Android 13 this fall, while the similarly aged iPhone X and XS can download iOS 16 without a problem.

Read more
Why the Apple Watch Series 8 isn’t good enough to replace my old Series 5
Health metrics displayed on an Apple Watch Series 8.

You’re not alone if you’ve been thinking that recent Apple Watch releases have been a bit underwhelming. Although Apple adds numerous quality-of-life improvements to its wearable each year — and the new Series 8 is no exception — over the past few releases, there’s been little to compel current owners to upgrade to a newer model.

That’s probably fair since the Apple Watch, and wearables in general, are still a growing market. Today, almost everyone already owns a smartphone, so the bulk of Apple’s iPhone customers come from older models or switching over from Android handsets. 

Read more