Story image

Apple users advised to update their software now, as new security patches released

17 May 17

Welcome to the post-WannaCryptor world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion.

What’s that? You’re not so sure that folks have learnt the lesson, despite the round-the-clock coverage in the mainstream media on what must have been one of the highest profile malware attacks in years?

Perhaps you’re right. It would be great to think that computer users learn from past experiences, and don’t make the mistake of thinking that malware attacks are something that happen to other people, and not themselves.

Historically, it’s all too clear – for instance – that many users of Apple products might be under the mistaken belief that they are somehow immune to the hack attacks and malware infections that can blight their Windows-loving friends.

The belief is perhaps understandable to an extent. The vast majority of malware being produced each day is built to run on the Windows platform, with the Android operating system lagging some way behind. You have to look a lot further down the chart before you will find attacks against Mac users and iOS.

But less attacks is not the same as zero attacks. And fans of Apple hardware would be taking a big risk if they don’t think it’s just as important to keep their operating systems, apps and programs patched to protect against the most recently discovered vulnerabilities.

On Monday Apple pushed out updates which are applicable for most of its customers: iOS 10.3.2 (for iPhone and iPad users), MacOS, OS X, watchOS 3.2.2, iTunes, Safari, tvOS and iCloud for Windows 6.2.1.

Just looking at the fixes that have been released for iPhones, iPads and Macs it is clear that scores of security vulnerabilities have been addressed.

For instance, now-fixed (providing you update!) security vulnerabilities in iBooks for iOS could have allowed a malicious hacker to force your iPhone to open websites without your permission and execute malicious code with root privileges.

Another flaw addressed for both iPhones and Macs could see attacks bypass built-in security features to read restricted memory, potentially opening the door for the theft of passwords and other sensitive information.

The good news is that users shouldn’t need to get into the nitty gritty of each and every security flaw addressed by the latest updates from Apple. Instead, resolve to update your systems at the earliest possible opportunity.

Apple products may find themselves in the firing line of attacks less often than their Windows and Android cousins, but that doesn’t mean they’re immune. If can learn anything from the events of the last few days it is surely the need to keep systems up-to-date and make regular backups of your data.

Update your Apple devices now, and don’t tempt fate.

Article by Graham Cluely, Welivesecurity.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.