Toggle Dark Mode
Even though all the attention is on iOS 17 these days, Apple hasn’t been neglecting its iOS 16 releases. After all, iOS 17 won’t officially arrive until at least September, and not everybody is up for running the public betas at this point — nor should they be.
To that end, Apple has just released iOS 16.6, another significant point release for its current operating system. While this latest update doesn’t add much in the way of new features, the changes it brings are considerably more important than just giving you some new things to play with.
We live in a more dangerous digital world than ever, with malicious “black-hat” hackers building industrial-grade spyware tools with names like Pegasus and Predator, and while you’re unlikely ever to be specifically targeted by one of these, the very existence of such tools proves that Apple is fighting a cat-and-mouse game to ensure the iPhone remains as secure as possible for its customers.
No Subscriptions - Get Microsoft Office Lifetime Access for Just $49.97
Even Microsoft tries to nudge you toward paying monthly for their Suite 365. The good news is that you don't have to. iDrop News readers can get lifetime access to MS Office at 85% off the normal price...Get It Here
As such, Apple’s mid-cycle iOS updates in recent years have been as much about plugging the vulnerabilities these miscreants are exploiting as it is about adding shiny new features — and iOS 16.6 is no exception.
In fact, according to Apple’s security release notes, iOS 16.6 addresses 16 specific security vulnerabilities found in more than a half-dozen different areas of the operating system, from the core Kernel and WebKit to the Find My app and even Apple’s Neural Engine.
What’s more significant is that at least two of these security holes are likely already being used by hackers to potentially compromise data on people’s iPhones, which is why you should update to iOS 16.6 immediately to close off this potential point of access.
According to Apple, one of the six issues found in WebKit that “may have been actively exploited” could allow web content viewed in Safari or even another app that provides browsing capabilities to “lead to arbitrary code execution,” creating a pathway for malware to get into your iPhone.
Another “actively exploited” flaw found in the Kernel could allow an app to “modify sensitive kernel state.” Since the kernel is at the core of the entire operating system, this could lead to elevated privileges that may allow access to data that an app wouldn’t otherwise be allowed to get at due to Apple’s usual sandboxing restrictions.
Naturally, Apple doesn’t go into any details about exactly how these vulnerabilities were exploited as it doesn’t want to give bad actors any ideas. Further, just because Apple is only aware of two of these flaws being actively exploited, that doesn’t mean some or all of the other 14 haven’t been — and many of these are just as potentially dangerous.
For instance, two other kernel vulnerabilities could allow elevated privileges or arbitrary code execution with full kernel (system) privileges, and another issue in Apple’s Neural Engine could let a malicious app do the same by using that as an attack vector. A bug in Find My could also have allowed an app to read sensitive location information that it wouldn’t otherwise have access to.
More significantly, now that Apple has announced the existence of these flaws, it’s a safe bet that a whole new crop of malware will be developed to try and take advantage of them, making it more critical than ever for you to secure your iPhone with the latest software update.