Apple Inc (NASDAQ:AAPL), this week, has released a patch to its Mac OSX desktop operating system to fix a major security flaw that was present in its iOS mobile operating system. This security flaw was said to be dangerous as it could allow hackers to use malware to spy on iPhone calls and text messages without the user’s

Last week, a similar bug was fixed by Apple by releasing iOS 9.3.5 and now the company found the same bug in its desktop OS as well as the safari desktop browser.

According to the Apple Advisory, Apple Safari desktop browser 9.1.3 bug could allow online thieves to execute arbitrary code on any computer without their knowledge and direct users to a maliciously crafted website.

In a recent incident, a UAE-based human rights activist Ahmed Mansoor’s iPhone has been hacked in a similar manner. He reportedly received a text message from a “cyber war” company with a URL. When he clicked on the link in the text message, it leads him to a “maliciously crafted website” and later his device has been jailbroken and a surveillance software was installed. Luckily, he hasn’t activated the malware, if activated, the malware would have accessed camera, microphone and GPS on his iPhone.


This fake “cyber war” company is said to be connected to an Israeli company – NSO Group, which is known for “lawful intercept” spy software for governments across the world, according to a report by Citizen Lab, a research group. Citizen Lab researcher Bill Marczak said in an interview to Motherboard:

“Not only could NSO infect iPhones at the touch of a link, but it seems that the vulnerabilities they were exploiting could be weaponized to target many different platforms.”

The desktop OS patch has been applied to the both Yosemite and El Capitan versions of OS X.

Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6

Impact: An application may be able to disclose kernel memory

Description: A validation issue was addressed through improved input sanitization.

Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed through improved memory handling.