Story image

Apple users advised to update their software now, as new security patches released

17 May 2017

Welcome to the post-WannaCryptor world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion.

What’s that? You’re not so sure that folks have learnt the lesson, despite the round-the-clock coverage in the mainstream media on what must have been one of the highest profile malware attacks in years?

Perhaps you’re right. It would be great to think that computer users learn from past experiences, and don’t make the mistake of thinking that malware attacks are something that happen to other people, and not themselves.

Historically, it’s all too clear – for instance – that many users of Apple products might be under the mistaken belief that they are somehow immune to the hack attacks and malware infections that can blight their Windows-loving friends.

The belief is perhaps understandable to an extent. The vast majority of malware being produced each day is built to run on the Windows platform, with the Android operating system lagging some way behind. You have to look a lot further down the chart before you will find attacks against Mac users and iOS.

But less attacks is not the same as zero attacks. And fans of Apple hardware would be taking a big risk if they don’t think it’s just as important to keep their operating systems, apps and programs patched to protect against the most recently discovered vulnerabilities.

On Monday Apple pushed out updates which are applicable for most of its customers: iOS 10.3.2 (for iPhone and iPad users), MacOS, OS X, watchOS 3.2.2, iTunes, Safari, tvOS and iCloud for Windows 6.2.1.

Just looking at the fixes that have been released for iPhones, iPads and Macs it is clear that scores of security vulnerabilities have been addressed.

For instance, now-fixed (providing you update!) security vulnerabilities in iBooks for iOS could have allowed a malicious hacker to force your iPhone to open websites without your permission and execute malicious code with root privileges.

Another flaw addressed for both iPhones and Macs could see attacks bypass built-in security features to read restricted memory, potentially opening the door for the theft of passwords and other sensitive information.

The good news is that users shouldn’t need to get into the nitty gritty of each and every security flaw addressed by the latest updates from Apple. Instead, resolve to update your systems at the earliest possible opportunity.

Apple products may find themselves in the firing line of attacks less often than their Windows and Android cousins, but that doesn’t mean they’re immune. If can learn anything from the events of the last few days it is surely the need to keep systems up-to-date and make regular backups of your data.

Update your Apple devices now, and don’t tempt fate.

Article by Graham Cluely, Welivesecurity.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.