Canadian privacy and cybersecurity activist group The Citizen Lab has announced a zero-day security hole in Apple’s iPhone, iPad and Macintosh operating systems. The attack is widely being described by the nickname FORCEDENTRY. If the vulnerability is exploited, processing a maliciously crafted PDF may lead to arbitrary code execution on Apple iOS, macOS and watchOS devices. The exploit relies on an integer overflow vulnerability in Apple’s image rendering library (CoreGraphics). The vulnerability has been assigned CVE-2021-30860.
Please ensure your Apple iOS, macOS, and watchOS devices are updated with the latest operating system patch.
Checking for updates on a device
On an iPad or iPhone: Go to Settings > General > Software Update. If you are using iOS 14, update to 14.8.
On a MacBook or desktop: Go to Apple Menu > System Preferences > Software Update. If you are using macOS Big Sur 11, update to 11.6.
Note: For users of older iPhones who cannot currently update to the latest version, be cautious about whom you accept PDF files from, and the sites from which you download them.
You can also check the Apple website for a list of new updates.
Checking for updates using Sophos Mobile
Customers using Sophos Mobile can follow the steps below to check and update iOS devices.
Identify affected devices
Remotely install updates (Supervised devices only)
Message users encouraging them to update
Use Compliance Policies to monitor OS versions
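The version check behind "identify affected devices" can also be run over any device inventory. The following is an added example, not part of the original advisory and not Sophos Mobile code. The CSV columns and device names are constructed, and only the fixed versions named above (iOS 14.8, macOS 11.6) are used; devices on any other release line are marked for manual review rather than guessed.

```python
import csv
import io

# Fixed versions named in the advisory. iPadOS is treated as the iOS 14 line
# (assumption, based on the advisory's "On an iPad or iPhone" step).
PATCHED = {"ios": (14, 8), "ipados": (14, 8), "macos": (11, 6)}

# Constructed sample inventory; the column names are hypothetical.
SAMPLE_INVENTORY = """device,platform,os_version
iphone-01,iOS,14.7.1
iphone-02,iOS,14.8
ipad-01,iPadOS,14.8.1
mac-01,macOS,11.5.2
mac-02,macOS,11.6
iphone-03,iOS,13.7
watch-01,watchOS,7.6.1
mac-03,macOS,unknown
"""

def parse_version(text):
    """Turn '14.7.1' into (14, 7, 1); return None if it is not dotted digits."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def pad(version, width):
    # Right-pad with zeros so that '14.8' and '14.8.0' compare equal.
    return version + (0,) * (width - len(version))

def classify(platform, version_text):
    """Return 'patched', 'vulnerable' or 'review' for one device."""
    fixed = PATCHED.get(platform.strip().lower())
    version = parse_version(version_text)
    if fixed is None or version is None:
        return "review"   # platform not listed above, or unreadable version
    if version[0] != fixed[0]:
        return "review"   # other release line: check Apple's list of updates
    width = max(len(version), len(fixed))
    return "patched" if pad(version, width) >= pad(fixed, width) else "vulnerable"

def triage(csv_text):
    """Group device names by status for a whole inventory export."""
    result = {"patched": [], "vulnerable": [], "review": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        result[classify(row["platform"], row["os_version"])].append(row["device"])
    return result

if __name__ == "__main__":
    for status, devices in triage(SAMPLE_INVENTORY).items():
        print(f"{status:10} {', '.join(devices) or '-'}")
```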