This week, Apple released a series of critical software updates for users of iPhones, iPads, and  Macs. Apple doesn't typically release security fixes outside of regular updates, which tells you how seriously the company is taking this vulnerability. Considering there are more than 1.5 billion people using iPhones, and the Mac is more popular than ever, Apple has a strong incentive to fix bugs that pose a security risk as quickly as possible.

In this case, the updates fix a vulnerability that Apple says could allow an application "to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."

Basically, a malicious website could run code that allows an attacker to gain control of your device based on a bug in Safari WebKit. In addition, an application could gain control of the kernel, which is the lowest level software running on a device. Obviously, that's bad, and Apple has issued this security update to patch the problem.

That second part of that statement, however, is why you should update immediately. It's one thing for Apple to discover that there is a bug that could lead to a security risk. It's another when that bug has been actively exploited. That means Apple has been notified that there are individuals or a group that are attempting to use the vulnerability to conduct attacks. Apple doesn't say how it became aware of the exploit aside from crediting an "anonymous researcher." 

Thankfully, updating software on an iPhone, iPad, or Mac, is relatively easy. On an iPhone or iPad, go to Settings > General > Software Update. If you don't see an update for 15.6.1, you can go verify you are running the most current version by going to Settings > General > About, which will tell you what version of iOS you are running. 

On a Mac, open System Preferences and choose Software Update. The current version is 12.5.1. If you're not running macOS 12 (Monterey), there is also an update available for Safari for Big Sur and Catalina users that addresses the same vulnerability, which will also be found under the Software Update preferences pane. 

It's also worth mentioning that you can have your Mac automatically check for updates, download them, and let you know they are ready to be installed. If you're at all concerned about keeping your devices safe from potential security risks, you should probably go ahead and check each of the boxes under the Advanced button in the Software Update window.

 inline image

The same is true on the iPhone. You can select the option to have your iPhone automatically download new updates and even let your phone install new updates overnight. The iPhone also gives you a third option to automatically install security updates like the one Apple just released.

 inline image

By the way, the fact that a vulnerability like this exists doesn't mean your devices are automatically at risk. First, even an exploit like the one mentioned in this fix isn't something most people will have to worry about during normal use of their device. Still, you should make a habit of keeping your devices up-to-date so you never have to worry about having your information compromised. 

The fact that there are so many iPhones in use makes iOS and Safari huge targets. There will always be bad actors who try to find ways to get into those devices. The fact that Apple works with outside researchers who continually look for vulnerabilities is a good thing, and the fact the company is quick to issue updates when they are found is even better.