Apple has been making their case to consumers over the last few months and years as the privacy-focused alternative to big-brother-ish Amazon, Facebook and Google (at least, that’s the implication in Apple’s PR positioning, anyway). But no matter how privacy and security focused you may be as a company — especially if you’re a massive, strategically vital company like Apple — you’ll be the target of hacks. It’s just a fact of modern life. That said, there’s never been a more important time to update your iPhone iOS. Here’s why:
Why you absolutely should update your iPhone iOS right now
I know it’s annoying. Every few weeks, or at the very best few months, you get that little red badge next to your “General” line inside System Settings on your iPhone. It’s almost always in reference to a full iOS patch or upgrade, and I know that it’s a pain. It takes quite a while to download the massive file size, and it usually puts your phone MIA for a solid 30-60 minutes. But, as the security expert in the room, it’s vital that you respond to these prompts quickly. Why? Because when Apple (or security researchers) find a bug or vulnerability, they patch it and protect people’s iPhone and iPhone iOS through those updates. And just last week, one of the biggest vulnerabilities ever found to target Apple reared its ugly head.
The Apple ‘Zero Day’ Vulnerability
First, a bit of jargon explanation… From Nordpass: “A zero-day vulnerability is a weakness in software that has been discovered by a hacker but is still unknown to the developer. It’s called ‘zero-day’ because once a hacker detects the vulnerability, the software vendor essentially has “zero time” to patch it before it’s exploited.”
Apple’s explanation of this specific vulnerability means that a hacker could get “full admin access” to the device. According to a report from NPR, it “would allow intruders to impersonate the device’s owner and subsequently run any software in their name, said Rachel Tobac, CEO of SocialProof Security.”
We know it’s a zero-day vulnerability because Apple already confirmed the flaw is allegedly already being exploited in the wild; and, when the flaw is abused abused, it allows threat actors to execute remote code on a vulnerable device, remotely.
“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” Apple said in a security advisory.
All this means is that the vulnerability not only exists, but has already been used to infect and control targeted devices by threat actors.
Security threats like this are why you should always, always, always update your iPhone iOS as soon as said updates become available.
If you’re in an enterprise setting, it’s doubly important because every end point in your network is a possible incursion opportunity that could easily lead to your entire tech stack falling prey to the attack.
Part of our managed service offering is monitoring and patching every endpoint on your network to ensure that vulnerabilities like these don’t allow threat actors to corrupt your entire system.
If you’re interested in learning more about how Leverage can help protect you from the countless threats lurking out there, drop us a line. We’re tasked with keeping hundreds of our partners and clients safe (and backed up) — we’d love to talk with you about how we can help keep you safe too.
Dive straight into the feedback!Login below and you can start commenting using your own user instantly