If you’re reading this, you should strongly consider updating all of your Apple devices to the latest software versions as soon as possible.
Updating to the newest software version when it’s available is already a best practice. But Apple’s latest batch of software updates contain important security patches that could protect against a variety of malicious attacks.
Simply put, if you don’t update, you could be putting your iOS, macOS and other Apple devices at risk of getting hacked. That may be especially true since these security vulnerabilities have officially been disclosed.
And while the odds of actually getting hacked may still be relatively low, it’s better to be safe than sorry. Here’s what you need to know.
What’s the Big Deal?
According to Apple’s security updates page, the latest software versions of iOS, macOS, tvOS and watchOS have addressed significant vulnerabilities.
The security fixes are included in iOS 12.1.3, macOS 10.14.3, security updates to macOS High Sierra 10.13.6 and macOS Sierra 10.12.6, and new updates to tvOS and watchOS.
Some of the more critical vulnerabilities appear to primarily impact iOS and macOS. They include security flaws in Bluetooth, Core Media, CoreAnimation, FaceTime and Hypervisor.
Many of these vulnerabilities could allow attackers to execute malicious code on a device and take control of it. Other security flaws could allow attackers to gain access to elevated privileges — including kernel-level privileges on macOS.
- A vulnerability in FaceTime may have allowed attackers to “initiate a FaceTime call using arbitrary code executions.”
- A flaw in Bluetooth could have allowed attackers in a “privileged network position” to execute arbitrary code on a device.
- Apple has also addressed flaws in its sandbox restrictions in its latest batch of updates. Those flaws could reportedly be exploited by a malicious app to read unrestricted memory or steal data from other apps on a user’s device.
Some of these attacks rely on web browsers, which watchOS and tvOS devices lack. But watchOS 5.1.3 and tvOS 12.1.2 still contain WebKit patches and other fixes to protect against sandbox restriction vulnerabilities and remotely executable code.
How to Update
Because of the seriousness of the vulnerabilities that were patched, it’s recommended that you update all of your Apple devices when you can. Here’s how.
- To download the latest update on iPhone or iPad, just go to Settings > General > Software Update.
- To download the latest update on Macs running macOS Mojave, click the Apple logo > System Preferences > Software Update.
- To download the latest update on Macs running High Sierra or older, open the Mac App Store and click on Updates.
- To update the Apple Watch, open the iOS Watch app on your iPhone. Tap on General and then Software Update.
- To update your Apple TV, navigate to Settings > System > Software Updates. Select Update Software and click on Update Now.