Overview
A newly discovered vulnerability (CVE-2021-30860) impacts all Apple operating systems that use the iMessage application.
Details
Affected devices:
iPhones with iOS versions prior to 14.8
Mac computers with operating system versions prior to OSX Big Sur 11.6
Mac computers with operating system versions prior to Catalina Security Update 2021-005
Apple Watches prior to watchOS 7.6.2
All iPad Pro models, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later
iPod touch 7th generation
This vulnerability leaves the device susceptible to the installation of spyware without user knowledge, granting the attacker the ability to track messages and media sent and received by the user.
Conclusion
Trusted Internet recommends the owners of Mac computers, Apple Watches, and iPads check for and apply the most recent patches to their system soonest. (For iPhone users, that will be version 14.8.)
If you own an Apple device that falls outside of support for this patch, we recommend upgrading.
Trusted Internet remains dedicated to 24/7 monitoring for cyberattacks like this one. We also provide tailored consulting and project management to further secure your networked systems, data, devices, and accounts. If you have any questions or need to report a suspected cybersecurity incident immediately, please call:
SOC hotline at 1-800-853-6431 ext. 1 or email support@trustedinternet.com.
How are we doing? What would you like to see improved? Please take our survey at: