Skip to main content

I am once again asking you to update your Apple devices

Most updates are like this now, but that doesn’t make them less important. | Photo by Amelia Holowaty Krales / The Verge

Well, here we are again: I’m writing an article to tell you that you should really update your iPhone, iPad, or Mac as soon as possible, because the latest software for them fixes some pretty nasty bugs. The security notes for iOS / iPadOS 15.6.1 and macOS 12.5.1 describe fixes for bugs in the OS’ kernel (basically the core that controls everything) and WebKit that could allow attackers to run malicious code on your device. The notes also warn that the bugs may have actively been exploited.

This is, unfortunately, something like the third or fourth time I’m writing a post explicitly asking people to update their iPhones or Macs to patch some pretty serious security flaws. And the truth is, I could’ve written this exact post even more times than that — there have been 13 updates to iOS 15 since its initial release, and nine of them have fixed some sort of arbitrary code execution bug. Oftentimes some of those bugs would allow attackers to obtain kernel privileges.

What’s more, five of those security updates included the “Apple is aware of a report that this issue may have been actively exploited” warning.

So while you’ve probably done this plenty of times this year (and, honestly, the years before that), I’m going to repeat the steps to update your phone: go to Settings > General > Software Update. On the Mac, go to System Preferences > Software Update.

Constant security updates aren’t necessarily a bad thing. Sure, they could be an indication that a lot of bugs are slipping into software, but they could just as easily mean that a company has gotten really good at finding existing issues and stamping them out. The reason I’m pointing out Apple’s recent track record isn’t to shame it, but to remind everyone that updates these days are pretty important, and that they should be installed ASAP.

Yes, it’s actually really annoying to constantly update your computer or phone. No one wants their devices knocked out of commission for the few minutes it takes to install an update. But Apple is working on a way to make important security updates easier and more automatic.

iOS and iPadOS 16, along with macOS Ventura, will include something called “Rapid Security Response,” which seems like it’ll let Apple push security updates to your device that don’t require a restart. While some updates will probably still require a reboot (it’s hard to patch an issue with a kernel while the OS is running), the feature could take away at least some of the burden of keeping your device secure.

The company’s also introducing an “extreme” security setting called Lockdown Mode, though most people won’t want to turn it on. Apple says Lockdown Mode will turn off several features that are especially vulnerable to security flaws, and that it’s mostly meant for people who think they may be targeted by expert hackers, such as the ones hired by governments. If that’s you, the feature should be available when iOS 16 and macOS Ventura release. (Plus, wow, you sound very cool. Or very scary.)

The rest of us, though, can just make sure to keep updating our devices whenever new security patches come out — no matter how annoying that is or how frequently it happens.



Source: The Verge

Popular posts from this blog

Twitter has hidden the chronological feed on iOS again – and I'm furious

In a controversial move, Twitter has brought back a feature that removes the 'Latest Tweets' view for users on iOS, which is something that many users, including me, hated back in March 2022 – and it's now rolling out. The first time the company decided to do this, 'Home' would appear first in a tab at the top, and there was no way of changing it so that 'Latest Tweets' would be the default view. It was reverted back after the company said it was a 'bug' for iOS users. This time though, it's no bug. Instead, it's 'For You' and 'Following' where you can only swipe between them now, which doesn't make much sense for a platform where you're using the platform to keep up to date with who you follow. It's a bizarre change that makes me ask – who wants this, especially during a time when its new owner, Elon Musk, is bringing in and reversing changes almost every week still? This one change will have big consequenc

New MacBook Pro Reviews: Hands-On Look at Performance and Upgraded Specs

The new 14-inch and 16-inch MacBook Pro models will start arriving to customers and launch in stores this Tuesday. Ahead of time, the first reviews of the laptops have been shared by select media publications and YouTube channels. Powered by Apple's latest M2 Pro and M2 Max chips, the new MacBook Pros offer up to 20% faster performance and up to 30% faster graphics. The laptops can be configured with up to 96GB of RAM, compared to a max of 64GB previously. Other improvements include Wi-Fi 6E, an upgraded HDMI 2.1 port with support for up to an 8K external display, and an extra hour of battery life over the previous generation. The new MacBook Pros have the same design as the previous models released in October 2021. The laptops can be pre-ordered on Apple's online store, with pricing starting at $1,999 for the 14-inch model and at $2,499 for the 16-inch model. Benchmarks Geekbench results from last week revealed that the M2 Pro and M2 Max chips offer up to around 20%

iPhone 15 Pro Rumored to Feature Ultra-Thin Curved Bezels

The iPhone 15 Pro models will have thinner, curved bezels compared to the iPhone 14 Pro models, potentially resulting in an Apple Watch-like appearance, according to the leaker known as " ShrimpApplePro ." ShrimpApplePro clarified that the next-generation "Pro" iPhone models will still have flat displays, since only the bezels are to be curved. According to a source speaking to the leaker, this combination of slimmer bezels and curved edges could result in a look similar to the Apple Watch Series 7 and Series 8. The curved front glass will purportedly also be present on the ‌iPhone 15‌ and ‌iPhone 15‌ Plus's design, but these devices will not have thinner bezels compared to their iPhone 14 predecessors. ShrimpApplePro added that the ‌iPhone 15‌ lineup will feature the same display sizes as last year's ‌iPhone 14‌ lineup. Last year, the leaker was among the first to say that the ‌iPhone 15‌ Pro models will have a titanium frame with curved rear ed

This new Linux malware floods machines with cryptominers and DDoS bots

Cybersecurity researchers have spotted a new Linux malware downloader that targets poorly defended Linux servers with cryptocurrency miners and DDoS IRC bots. Researchers from ASEC discovered the attack after the Shell Script Compiler (SHC) used to create the downloader was uploaded to VirusTotal. Apparently, Korean users were the ones uploading the SHC, and it’s Korean users who are targets, as well. Further analysis has shown that the threat actors are going after poorly defended Linux servers, brute-forcing their way into administrator accounts over SSH.  Mining Monero Once they make their way in, they’ll either install a cryptocurrency miner, or a DDoS IRC bot. The miner being deployed is XMRig, arguably the most popular cryptocurrency miner among hackers. It uses the computing power of a victim's endpoints to generate Monero, a privacy-oriented cryptocurrency whose transactions are seemingly impossible to track, and whose users are allegedly impossible to identify. Fo