Apple releases iOS 14.8 and macOS 11.6 to address Pegasus spyware hack

The company recommends all users download the updates.

Mat Smith / Engadget

One day before its next major event, Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2 and macOS Big Sur 11.6. All four are minor updates that don’t add new features to their respective operating systems but include important security fixes. As such, Apple recommends all users download them as soon as they can.

Depending on the update, it addresses as many as two issues. One relates to the CoreGraphics framework in iOS, iPadOS and macOS, while the other stems from Apple’s WebKit browser engine. In both instances, the company says it’s aware of at least one report where the vulnerabilities may have been actively exploited to execute arbitrary code.

One of the flaws was discovered by the University of Toronto's Citizen Lab and is linked to the Pegasus spyware. According to The Washington Post, the flaw has been in use on iOS, watchOS and macOS since at least February. Citizen Lab advises all Apple users to update their devices immediately.

On an iPhone or iPad, you can manually check for iOS 14.8 and iPadOS 14.8 by opening the Settings app on your device, tapping “General” and then “Software Update.” On macOS, meanwhile, open the System Preferences menu and then click on “Software Update.”

Update 4:19 PM ET: Added more information about one of the flaws.

This article contains affiliate links; if you click such a link and make a purchase, we may earn a commission.