Apple Urges iPhone Users to Update Due to Security Flaw – Here’s How

An Apple vulnerability is currently being exploited by Pegasus spyware. Here's how you can protect yourself.

Apple has released a security update to address a newly discovered system flaw that's being ‘actively exploited' to deliver Pegasus malware to iPhones and iPads.

The invasive spyware was developed by the Israeli cyber-arms company NSO Group, and has previously been used to access the devices of journalists, and political dissidents.

Toronto's Citizen Lab, the researchers that discovered the vulnerability, is urging users to update their devices “immediately”. Read on to learn more about the NSO Group's latest exploit and for instructions on how to install the update.

Apple Releases Security Update to Block Pegasus Spyware

Apple is urging iPhone and iPad users to update their devices to iOS 16.6.1 to protect themselves from a software vulnerability known as BLASTPASS.

According to researchers at Citizen Lab at the University of Toronto, the flaw can be exploited by Pegasus spyware, giving attackers full control of devices, and allowing them to gain access to victims' text messages, call recordings, camera rolls, and even data from encrypted apps like Signal and WhatsApp.

Surfshark logo🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get TWO months of Surfshark VPN FREE using this Tech.co special offer.See deal button

Pegasus exploits “zero-click” vulnerabilities, meaning that Apple users don't even need to install software to prompt the attack. The malware can be delivered through images attached to PassKit, sent from a fake iMessage account, making it very hard for users to tell when they're being surveilled.

“This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware.” – Citizen Lab

Citizen Lab first discovered the security gap when they were checking the device of a Washington DC-based civil society employee. After discovering Pegasus' mercenary spyware on the device, they immediately disclosed their findings to Apple.

The NSO Group first developed Pegasus back in 2011, and the Israeli spyware has since claimed a number of high-profile victims including the president of France Emmanual Macron, and the president of the European Council Charles Michel.

Pegasus tends to be deployed against political opponents and dissidents, making it unlikely for regular users to be targeted. However, if you're not keen on taking chances, here's how to protect yourself from the spyware.

How to Install Apple's Emergency Update

Luckily, installing Apple's latest security update is very straightforward. All you need to do is:

  1. Open up Settings on your iPhone or iPad
  2. Select “General” then “Software Update”
  3. Click on the iOS 16.5.1 software update

If the update isn't available on this screen, check your iOS version number under “General” and then “About”. Your device will already be protected if it's running on the 16.6.1 version.

If you're serious about evading threats like Pegasus, we'd also recommend using a VPN for an additional layer of security. Read our guide to the best VPNs for iPhone and iOS to discover our best-rated options.

Did you find this article helpful? Click on one of the following buttons
We're so glad you found this helpful! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:

Isobel O'Sullivan (BSc) is a senior writer at Tech.co with over four years of experience covering business and technology news. Since studying Digital Anthropology at University College London (UCL), she’s been a regular contributor to Market Finance’s blog and has also worked as a freelance tech researcher. Isobel’s always up to date with the topics in employment and data security and has a specialist focus on POS and VoIP systems.

Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals