iPhone, Apple Watch, iPad and Mac urged to download new update to fix major security flaw
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Owners of Apple devices have been urged to update them as quickly as possible to protect against a significant security flaw.
Apple has pushed out updates for most of its devices – the iPhone, Apple Watch, iPad and Mac – that fix the issue and prevent it being exploited in the future.
If it is not fixed, thre is a danger that hackers could take over those device and run their own code, potentially exposing the personal files that are stored on it.
The problem is specifically related to WebKit, the browser engine that powers Safari. Since that application comes installed on all of the affected devices, they each need to be updated to be secure.
Apple itself gave little information on the fixes in the update and sad only that it “provides important security updates and is recommended for all users”.
It refers users to its security pages for more information, but those pages note that Apple gives little information on security problems for strategic reaons.
“For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available, that page reads.
But it does specify that the bug targets “maliciously crafted web content [that] may lead to arbitrary code execution”.
It also credits researchers from other technology companies – Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research – for having found the issue.
There is no indication that it has yet been exploited.
As ever, the update can be downloaded manually by heading into the Settings app, clicking “General”, and choosing the software update option. Clicking on that will bring up the option to download and install it.
If users do not manually install the update, it will soon arrive on any phones that have automatic updates set up. Users will be asked if they want the update to installer may find that it has done so itself overnight.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments