This week Apple released a series of patches for several zero-day vulnerabilities for iOS that have already been exploited by bad actors to install spyware and steal personal data. So you'll want to update your phone as soon as possible.
iOS 16.5.1, which is now available to download if you have an iPhone 8 or newer, fixes a major security flaw that allowed hackers to access all of the personal data stored on your iPhone. This particular vulnerability was first detected in Russia, where thousands of Russian government officials have reportedly had their iPhones infected with spyware. It's a kernel issue that lets bad actors execute arbitrary code with kernel privileges, meaning hackers can run whatever code they want on a targeted device.
The hackers have been sending iMessages with malicious attachments that infect and grant access to their target's iPhones, according to The Washington Post. Apple's latest iOS patch also fixes a vulnerability with WebKit, the framework that enables developers to display webpages on Apple devices. Again, it enabled hackers to steal users' personal data by executing arbitrary code on their target's device.
The attacks have been seen only on devices running versions of iOS 15.7 or earlier, Apple said on the update's support page. While that means the company isn’t aware of any hacks on devices running later versions of iOS, those systems could still be vulnerable. Which is why Apple's encouraging all users to download iOS 16.5.1, too, even if their iPhone is already protected against the vulnerabilities in question.
Even U.S. authorities are taking this security threat seriously. The Cybersecurity and Infrastructure Security Agency added the two exploits to its Known Exploited Vulnerabilities catalog and urged federal agencies to download the latest update by July 13.
Even if you're an unlikely target for spyware, now's as good a time as any to update your device if you have one of the best iPhones. To download iOS 16.5.1 on your device right now, simply head to Settings, select General, and then go to Software Update.