Well, here we are again: I’m writing an article to tell you that you should really update your iPhone, iPad, or Mac as soon as possible, because the latest software for them fixes some pretty nasty bugs. The security notes for iOS / iPadOS 15.6.1 and macOS 12.5.1 describe fixes for bugs in the OS’ kernel (basically the core that controls everything) and WebKit that could allow attackers to run malicious code on your device. The notes also warn that the bugs may have actively been exploited.
This is, unfortunately, something like the third or fourth time I’m writing a post explicitly asking people to update their iPhones or Macs to patch some pretty serious security flaws. And the truth is, I could’ve written this exact post even more times than that — there have been 13 updates to iOS 15 since its initial release, and nine of them have fixed some sort of arbitrary code execution bug. Oftentimes some of those bugs would allow attackers to obtain kernel privileges.
What’s more, five of those security updates included the “Apple is aware of a report that this issue may have been actively exploited” warning.
So while you’ve probably done this plenty of times this year (and, honestly, the years before that), I’m going to repeat the steps to update your phone: go to Settings > General > Software Update. On the Mac, go to System Preferences > Software Update.
Constant security updates aren’t necessarily a bad thing. Sure, they could be an indication that a lot of bugs are slipping into software, but they could just as easily mean that a company has gotten really good at finding existing issues and stamping them out. The reason I’m pointing out Apple’s recent track record isn’t to shame it, but to remind everyone that updates these days are pretty important, and that they should be installed ASAP.
Yes, it’s actually really annoying to constantly update your computer or phone. No one wants their devices knocked out of commission for the few minutes it takes to install an update. But Apple is working on a way to make important security updates easier and more automatic.
iOS and iPadOS 16, along with macOS Ventura, will include something called “Rapid Security Response,” which seems like it’ll let Apple push security updates to your device that don’t require a restart. While some updates will probably still require a reboot (it’s hard to patch an issue with a kernel while the OS is running), the feature could take away at least some of the burden of keeping your device secure.
The company’s also introducing an “extreme” security setting called Lockdown Mode, though most people won’t want to turn it on. Apple says Lockdown Mode will turn off several features that are especially vulnerable to security flaws, and that it’s mostly meant for people who think they may be targeted by expert hackers, such as the ones hired by governments. If that’s you, the feature should be available when iOS 16 and macOS Ventura release. (Plus, wow, you sound very cool. Or very scary.)
The rest of us, though, can just make sure to keep updating our devices whenever new security patches come out — no matter how annoying that is or how frequently it happens.
Source: https://www.theverge.com/2022/8/18/23312255/iphone-ios-macos-security-update-15-6-1