Go Update Your iPhone and iPad NOW!

Category

Vulnerabilities

Risk Level

 

Apple released a critical security update for iOS and iPadOs today on the eve of their major fall hardware release to patch multiple zero-day vulnerabilities. If you read no further, update your iPhone and/or iPad NOW!

“A zero what now?”

You may remember from another ACT post that vulnerabilities are holes in the code of your electronic devices that when left unpatched, can allow hackers to use them to their advantage; like walking in to your house through an open back door.

Often times, companies will identify these holes and fix them before a hacker can ever use them. If you keep your devices updated, you reduce the risk of this ever causing you a problem. But a zero-day vulnerability is one that companies don’t know about, and hackers have discovered first. They are rare, but they do happen. In this case, Apple and the Department of Homeland Security believe these zero-day vulnerabilities have been exploited in the wild (meaning hackers are already using them) as part of a series of vulnerabilities tied to the NSO Group.

“So what do I do?”

In short, update your iPhone. Go to Settings > General > Software Update and download and install the latest iOS/iPadOS version: 14.8.

While you’re on that screen and waiting for your download to finish, click on Automatic Updates and turn on the switches for Download iOS Updates and Install iOS Updates so that your phone will stay up to date automatically. Same goes for Download iPadOS Updates and Install iPadOS Updates.

Ready to be a cybersecurity champion? Go to Settings > App Store and turn on the switch for App Updates so that all your apps stay up to date automatically too.

“What’s the update doing?”

This update is meant to address two things:

  • Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

  • Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

More simply, the updates patch holes that let malicious documents and websites run unchecked code (which isn’t a good thing) and potentially allow someone to spy on what you do on your device. Given how much we do on our mobile devices, this is a huge risk for you!

“Got it. Is there a better way for my company to stay on top of this?”

There is! If your company is trying to understand where you’re missing updates and are vulnerable - whether it’s iPhones, servers, or the cloud -let’s talk about our Vulnerability Assessment today. We’ll regularly help you identify where things are at risk, and help you close the door to hackers. Ready to get started? Click the link below!

 

Follow us - stay ahead.


Read more of the ACT

Previous
Previous

What Really Caused Data Breaches in 2020?

Next
Next

Hive Systems Featured on BARR Advisory’s cyBARR Chats