0:00
what's going on youtube gsm right here
0:02
so in today's video we're discussing
0:03
some very important things about an
0:06
exploit that seems to be affecting
0:08
14.7.1 and lower and it represents a
0:10
major security risk for everybody who is
0:13
not on 14.8 this video is brought to you
0:15
by wondershare and their software doctor
0:17
phone system repair which allows you to
0:18
repair various ios issues like the ios
0:21
no longer powering on and so on you can
0:23
check it out in the link below it can
0:25
fix a plethora of issues including boot
0:27
loops and of course screen hangs and so
0:29
on and it does support ios 14 and all
0:32
devices check it out in the link below
0:35
so a couple of days ago back on
0:36
september 13 fourth entry has been
0:39
posted and it's basically by nso group
0:42
and it's an imessage zero click exploit
0:44
captured in the wild this prompted apple
0:47
to release ios 14.8 rather fast and of
0:50
course it only patches two
0:51
vulnerabilities this one here by
0:53
citizenlab and of course a webkit
0:55
vulnerability both of which have been
0:57
exploited in the wild what this means is
0:59
that they have been used against
1:02
somebody who happened to have used an
1:04
iphone or an ipad or something like that
1:06
in order to get data from that person so
1:08
in the case of forced entry or the gases
1:11
if you want to this has been used
1:13
against the phone of a saudi activist
1:15
which was infected of course with the
1:17
nso group the gas spyware and they
1:19
managed to exfiltrate data apparently
1:22
this exploit is basically targeting a
1:24
message and it's actually quite good at
1:26
exfiltrating data now if you go ahead
1:27
here on citizenlab's website i'm going
1:29
to link this advisory down below you can
1:31
see exactly what they found and how this
1:33
exploit works but what's important is
1:35
that this is a major security risk for
1:38
anybody running ios 14.7.1 which by the
1:41
way is signed at the moment and lower so
1:44
this has been patched on 14.8 which
1:46
means that if you're not running 14.8
1:49
you are definitely vulnerable to this
1:51
the problem is that if you want to
1:52
jailbreak your device 14.8 is a bad
1:55
version to be on in fact 14.7.1
1:58
is a bad version to be on however if
2:00
you're already on 14.7.1
2:03
going to 14.8 in order to patch those
2:05
two vulnerabilities probably isn't that
2:07
bad of an idea because i don't exactly
2:09
think these will be used for jailbreak
2:11
purposes and even if they will you're
2:13
not losing much because these are big
2:15
security risks anyways so if you're
2:17
running 14.7.1 you can depending on the
2:21
circumstances jump to 14.8 with no
2:23
problem because aside from these two
2:25
vulnerabilities there are no other
2:27
patches between the two however if
2:29
you're running anything lower like 14.7
2:31
14.6 14.5.1 14.4 i would definitely not
2:36
advise it to go to 14.8 now as bad as
2:39
the fourth entry or nso the gases may
2:42
sound and it actually is bad it's a zero
2:45
click so it means that you don't have to
2:47
even click the links or anything that
2:48
they send if they want to infect your
2:50
device but they were basically targeting
2:53
high-profile people like the saudi
2:55
activists or journalists or vips or
2:58
people of interest like public people
3:00
this will probably not target you a
3:03
random person on the internet who is not
3:04
famous or a known activist or known
3:07
journalist and stuff like that however
3:09
if you really are very scared that you
3:11
may get infected with pegasus you can
3:13
update the 14.8 but do know that this
3:16
will result in you not having a
3:18
jailbreak for a very long time for 14.4
3:21
14.4.1 14.5 14.6 and so on there are
3:25
vulnerabilities released or in the
3:26
pipeline to be released so the jailbreak
3:29
may not take very much from this point
3:31
on however if you update the 14.8 you
3:33
will have to wait literally months for
3:35
the next jailbreak so yeah do you have
3:37
to update the 14.8 not necessarily you
3:41
don't have to because you're probably
3:42
not going to be targeted by nso group or
3:45
by their exploits but if you really are
3:47
afraid you might get the gases or
3:49
somebody is on to get you you can update
3:51
the 14.8 but do know that will result in
3:54
you losing the chance to jailbreak
3:55
anytime soon so do know that a patch has
3:58
been made available for pegasus it's on
4:00
14.8 and if you do update to this one it
4:02
essentially patches everything in here
4:04
the fourth entry bug but it's very bad
4:06
for jailbreak purposes yep that's
4:08
basically it thank you for watching as i
4:10
said if you are very scared of this
4:11
exploit if you do believe that you are
4:13
somebody of interest for any hacker or
4:15
any hacking agency like nso then
4:17
definitely update if you're interested
4:19
in jailbreaking and you're not a public
4:21
person and stuff like that you're not
4:22
somebody of interest for these hackers
4:24
then you can probably safely stay on
4:26
14.4 14.5 and so on so thank you for
4:29
watching imgsnow till the next time
4:31
subscribe to stay updated and peace out
