Well, here we are again: I’m writing an article to tell you that you really should update your iPhone, iPad or Mac as soon as possible because the latest software fixes some pretty annoying bugs for them. The security notices for iOS / iPadOS 15.6.1 and macOS 12.5.1 describe bug fixes in the operating system kernel (basically the core that runs everything) and WebKit that allow attackers to run malicious code on your device. The comments also warn that the bugs may have been actively exploited.
Sadly, this is like the third or fourth time I’ve written a post explicitly asking people to update their iPhones or Macs to fix some pretty serious security flaws. And the truth is I could have written this exact post even more times than that – have been 13 updates for iOS 15 since the first release, and nine of them fixed some sort of random code execution error. Often, some of those bugs would allow attackers to gain kernel privileges.
Moreover, five from That safety updates including the warning “Apple is aware of a report that this issue may have been actively exploited”.
So while you’ve probably done this many times this year (and honestly the years before), I’m repeating the steps to update your phone: go to Settings > General > Software update. On Mac, go to System Preferences > Software update.
Constant security updates aren’t necessarily bad. Sure, they can be an indication that a lot of bugs are sneaking into the software, but they could just as well mean that a company has become very good at finding existing problems and fixing them. The reason I’m raising Apple’s recent track record isn’t to shame it, but to remind everyone that updates are pretty important these days and should be installed as soon as possible.
Yes, it is actually very annoying to constantly update your computer or phone. No one wants their devices to be taken out of service for the few minutes it takes to install an update. But Apple is working on a way to make important security updates easier and more automatic.
iOS and iPadOS 16, along with macOS Ventura, will include something called “Rapid Security Response,” which looks like Apple will push security updates to your device that don’t require a reboot. While some updates will probably still require a reboot (it’s hard to patch a kernel issue while the OS is running), the feature can at least take some of the burden off of securing your device.
The company is also introducing an “extreme” security setting called Lockdown Mode, although most people don’t want to enable it. Apple says Lockdown Mode will disable several features that are particularly vulnerable to security flaws, and that it’s primarily aimed at people who believe they could be targeted by expert hackers, such as those hired by governments. If that’s you, the feature should be available when iOS 16 and macOS Ventura are released. (Besides, wow, you sound really cool. Or very scary.)
However, the rest of us can make sure we keep updating our devices when new security patches come out — no matter how annoying that is or how often it happens.