What happened?
On Monday, September 13th, Apple released a series of critical patches. The patches address several “zero click” remote code execution vulnerabilities in all versions of macOS, iOS and watchOS. These vulnerabilities are actively being exploited by the NSO Group’s Pegasus software.
What do I need to do?
Install the security patches provided by Apple for any devices you manage. There are patches for macOS on computers, iOS on iPhone and iPad, and watchOS for Apple Watch.
Apple Update Support
macOS: https://support.apple.com/guide/mac-help/get-macos-updates-mchlpx1065/mac
iOS: https://support.apple.com/guide/iphone/update-ios-iph3e504502/ios
watchOS: https://support.apple.com/en-us/HT204641
Where can I learn more?
Additional information about the patches is available from Apple - https://support.apple.com/en-us/HT201222
Citizen Lab provides a writeup of their discovery - https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/