Apple rushes to block ‘zero-click’ iPhone spyware

Apple has issued a software patch to block so-called “zero-click” spyware that could infect iPhones and iPads. Independent researchers identified the flaw, which lets hackers access devices through the iMessage service even if users do not click on a link or file. The problem affects all of the technology giant’s operating systems, the researchers said. Apple said it issued the security update in response to a “maliciously crafted” PDF file. University of Toronto’s Citizen Lab, which first highlighted the issue, had previously found evidence of zero-click spyware, but “this is the first one where the exploit has been captured so we can find out how it works,” said researcher Bill Marczak. The researchers said that the previously unknown vulnerability affected all major Apple devices, including iPhones, Macs and Apple Watches.(BBC)…[+]