The company says that a pair of dangerous bugs in its operating system mean that hackers can get access to some of the most important parts of Apple device’s software.
What’s more, the company has warned that the problem may already have been actively exploited by hackers. That means that an attack is out there, and any device running software that hasn’t been updated is potentially at risk.
Luckily, it is a relatively straightforward process to update any Apple device and stay safe from the bug. In fact, it might have happened already.
Here’s everything you need to know.
What is the bug?
There are two bugs. It is not entirely clear what they are – Apple and other technology companies give relatively little detail on such vulnerabilities, to avoid them being used by hackers – but they relate to central parts of the operating system.
We do know enough to be sure that they are worrying though. Apple said they allow for “arbitrary code execution” – in practice, that means that hackers could run code as if they are the owner of the device, giving them full access and theoretically the ability to do what they want.
Apple often issues security updates for problems that have been found in its software. But it is that fact of it having been actively exploited that it is of concern, here – that happens much less often.
How widely has it been used?
Apple did not say how many people had been attacked using the vulnerability. It did not even say for sure that anyone had, only that it was “aware of a report that this issue may have been actively exploited”.
In practice, however, that means that an exploit for the vulnerability is probably out there. Some security bugs are theoretical, in that a company knows they exist but not that hackers have actually made use of them yet – but this is not one of those.
How worried should I be?
Don’t panic – but don’t be apathetic either. With a vulnerability made public and an exploit for it out in the wild, there is good reason to make sure you are taking precautions.
People who are at particularly high risk should be extra concerned, of course. You are likely to know if you are in such a group: activists, lawyers, dissidents, journalists and others are particularly likely targets, especially if they are working in countries that have been known to use such attacks in the past.
But every device is equally compromised. Nobody should put off updating their devices – especially since fixing it is simple.
Thankfully, there is an easy way to be sure you are as secure as you can be: update your device. Instructions for doing so are below.
What devices are affected?
Any Apple devices that are running new updates could be hit by the problems. Experts have advised that concern should be taken by people with the iPhone 6S or later; iPads since the fifth generation or any iPad Pro; and any Macs that are running Monterey, the latest update.
But it is always best to keep any device as up to date as it possibly can be. Older devices do not appear to be affected by the bug but it is always best to check that they are running the most up to date software, since Apple does also issue security updates for operating systems that it is not actively developing.
How do I update my device?
Updating is so simple that it might already have happened. But it is worth checking, and pushing it through manually if not.
On the iPhone or iPad, open up the Settings app and click “General” and then “Software Update”. The phone will then check if there is anything new waiting for you, and offer the option to download and install it.
On the Mac, click the Apple logo in the top left corner and open System Preferences. Again, choose “Software Update” and wait for the Mac to check if Apple has anything new to offer you.
You might find that there is no update waiting for you. If so, your device has probably updated itself already, as all Apple devices try and do these days.
You can be sure by clicking the “About” button and checking what version of the operating system you are running. It should be 15.6.1 on the iPhone and iPad, and Monterey 12.5.1 on the Mac.