Google’s Project Zero Deep Dives into NSO Group ‘FORCEDENTRY’ Exploit

Google’s Project Zero security team published a deep dive into FORCEDENTRY, a zero-click exploit in iMessage used by NSO Group. Apple’s Security Engineering and Architecture (SEAR) group collaborated on the analysis.
Based on our research and findings, we assess this to be one of the most technically sophisticated exploits we’ve ever seen, further demonstrating that the capabilities NSO provides rival those previously thought to be accessible to only a handful of nation states.
The vulnerability discussed in this blog post was fixed on September 13, 2021 in iOS 14.8 as CVE-2021-30860.
Tags: Google, iMessage, NSO Group, Security, Security Friday