Security Update: FORCEDENTRY – Update your Apple Devices

Security Update

A critical security vulnerability called FORCEDENTRY on IOS and MacOS devices means you should update immediately.

Earlier this week apple released a critical software patch to fix an exploit that allows attackers to directly infect iPhones and other Apple devices.  No user interaction is needed, which makes this attack particularly dangerous.

The exploit was originally developed by Israel’s infamous hacker-for-hire firm named NSO Group to target specific individuals.  Targets including Saudi activists and media personnel.  However, in the wrong hands this exploit could be used to access any Apple iPhone, Mac or Apple Watch that hasn’t been patched.

Concern is high because this is a “zero-click” exploit.  That means that it does not require users to click on suspicious links or download infected files to deliver its payload.  Once infected they can deliver a spyware payload that gives them control of the device.  They can eavesdrop on conversations and steal data.

Credit for discovery and reporting of the exploit goes to Citizen Lab which is part of the University of Toronto.  Apple has released a patch that will protect your devices.  Users should have gotten an alert prompting them to download the security patch immediately.  You can also download the latest update by clicking on “general” then “software update” from the main menu to manually run the patch.

Conclusion

Keeping our clients safe online is the highest priority for i.t.NOW.  We encourage all users of Apple devices to apply the security update immediately.  This exploit is serious and poses a clear and present danger to those with unpatched systems.  You could be infected without your interaction.  Please take the time to update today.

As always, the team at i.t.NOW is here to support you.  Feel free to reach out to us with questions about this exploit or any other security concern you may have.  Our goal as always, is to keep your business safe and productive.