Apple has released an emergency security update to address vulnerabilities in iOS and iPadOS for a zero-click zero day exploit that allows the installation of malware on a device. An attacker could exploit these vulnerabilities to take control of an affected device if they are unpatched.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” Ivan Krstić, head of Apple Security Engineering and Architecture, said in a statement.
Krstić said Apple rapidly addressed the issue with a software fix and that the vulnerability is “not a threat to the overwhelming majority of our users.”
Although it is suspected that this vulnerability is only affecting a small set of targeted users currently, Elteni has reviewed the iOS 14.8 and iPadOS 14.8 security update page and encourages users and administrators to apply the necessary updates.
Apple has provided instructions here: https://support.apple.com/en-us/HT204204
