Apple patches iOS zero-day vulnerability exploited by Pegasus spyware

Apple on Thursday pushed out updates for older versions of its iOS and macOS operating systems, patching three zero-day vulnerabilities including a bug that was likely exploited in the wild by NSO Group's Pegasus spyware.

Earlier today, Apple issued iOS 12.5.5 with a fix for a CoreGraphics flaw that allows attackers to execute arbitrary code on a target device through maliciously crafted PDFs. The vulnerability may have been exploited in the wild, according to a support document detailing the update's security content.

Impacting a range of iPhone and iPad models, including iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and sixth-generation iPod touch, the CoreGraphics zero-day was discovered by Citizen Lab, an interdisciplinary laboratory at the University of Toronto's Munk School of Global Affairs. The group's involvement strongly suggests NSO deployed the exploit to bolster its Pegasus malware tool.

Citizen Lab has been following NSO and its impact on technology, human rights and the global political landscape for years. Over the past few months, the initiative discovered multiple zero-day vulnerabilities tied to the Pegasus spyware, which is allegedly used by authoritarian governments to hack and surveil iPhones and other iOS devices used by journalists, activists, government officials and other persons of interest.

Pegasus is sometimes deployed as a zero-click attack. In August, it was reported that a so-called "ForcedEntry" attack vector was used to bypass Apple's new BlastDoor security protocols in Messages, allowing insertion of Pegasus on a Bahraini human rights activist's iPhone 12 Pro. Apple subsequently released a fix for impacted iOS 14 versions earlier in September. Separate attack vectors reportedly involved Photos and Apple Music.

The Citizen Lab discoveries brought public attention to the potential for abuse of Pegasus by government entities. In July, Israeli government officials visited the offices of NSO as part of an investigation into the spyware.



2 Comments

MplsP 8 Years · 4047 comments

“In July, Israeli government officials visited the offices of NSO as part of an investigation into the spyware” …to congratulate them for their work.


Good for Apple for patching this. This also highlights one of the strengths of Apple - the 5s came out 8 years ago, making it ancient by technology standards, yet Apple is still releasing security patches for it. Props to Apple for doing this. 

JFC_PA 7 Years · 947 comments

Patched on my first Gen iPad Air running iOS 12. Nice support of their products. (It still makes a nice e-reader.) 8 years on.