Security Alert: Critical Vulnerability in Apple’s iOS

Advanced Computer Technologies Security Task Force - Security Alert: Critical Vulnerability in Apple's iOS iMessage

The safety of your systems, data, and users are essential to us. As your Trusted Security Partner, we are notifying you of a critical vulnerability in Apple’s iOS for iPhones.

Multinational cybersecurity and anti-virus provider Kaspersky has released an official advisory of observed malware exploitations on Apple’s iOS. iOS is the operating system used in all iPhones.

In observed cases, compromised devices received a suspicious text via iMessage which allowed threat actors to deploy malicious code, and establish a connection with a malicious Command & Control (C&C) server.

This malware is considered particularly dangerous because control of the device can be obtained with zero user interaction. Simply receiving the iMessage attachment on a vulnerable iPhone will deploy the malicious code to your device.

In the modern age, virtually all employees will have work email associated with their mobile device. As such, it is a best practice to follow the manufacturers recommendation and keep your device software up to date.

Advanced Computer Technologies, Your Trusted Security Partner

This can be confirmed by navigating to Settings > General, then tapping Software Update on your iPhone.

Advanced also recommends enabling Rapid Security Responses to receive the latest security patches on your iPhone automatically. This can be enabled by:

  1. Going to Settings > General > Software Update
  2. Tapping Automatic Updates
  3. Make sure that Security Responses & System Files is turned on

More information on Rapid Security Responses can be found here.

Industry best practices also advise keeping backups of your mobile device. Information on this process can be found here.

We will continue to remain steadfast in ensuring the confidentiality, integrity, and availability of your data services. We will provide updates on this critical vulnerability as they are made available.

If you have any questions, comments, or concerns, please don’t hesitate to reach out. We are always happy to help!

Thank you,

The Advanced Security Task Force

We are here to answer any questions for you and your organization regarding its Cybersecurity needs. To request a review of your security posture and alignment, email [email protected].

Contact Advanced Computer Technologies' Security Task Force, Your Trusted Security Partner

Recent Posts

Security Digest (June 2024)

July 2024 Patch Tuesday – 6/11 Deep Dive: CVSS Breakdown On Critical Vulnerability Vendor Patch Advisories Apple Updates TeamViewer Compromise Snowflake Breach Snowballs As always, Advanced

Read More »

Security Digest (May 2024)

May 2024 Patch Tuesday – 5/14 Threat Grading Overview Vendor Patch Advisories Threat Breakdown: The Return of Revenge Remote Access Trojan Looking Back: WannaCry –

Read More »

Cybersecurity Triad

New cyber threats are emerging every day, keeping us on our toes. Let’s talk about some of these threats, including credential stuffing, password spraying, and

Read More »

Security Digest (April 2024)

April 2024 Patch Tuesday – 4/9 Threat Grading Overview Deep Dive: CVE-2024-26234 and Digital Signatures – Who Can We Trust? Vendor Patch Advisories Emerging Threat:

Read More »

Categories