• by Ray Schultz , September 13, 2021

A day before it is set to unveil its iOS 15, Apple has closed a potential security flaw that would allow a spyware attack that could affect existing Apple devices.

The company released iOS 14.8 and iPadOS 14.8 -- patches that reportedly could fight a Pegasus spyware attack. 

“Processing a maliciously crafted PDF may lead to arbitrary code execution,” Apple says, addressing one issue. “Apple is aware of a report that this issue may have been actively exploited.”

“This update provides important security updates and is recommended for all users,” the company says, according to Macworld.

Citizen’s Lab, whose researchers discovered the problem, identified Israel’s NSO Group as the entity behind the spyware, according to The New York Times. 

Pegasus infects an Apple device without the owner’s knowledge. 

“Known as a ‘zero click remote exploit,’ it is considered the Holy Grail of surveillance because it allows governments, mercenaries and criminals to secretly break into a victim’s device without tipping the victim off,” the Times writes. 

MacWorld notes that Apple is about to release iOS 15. 

“But it looks like the company isn’t done patching up iOS 14 just yet,” it adds.