Apple’s iOS 18 Update Alert: Major Security Fixes You Shouldn’t Miss

Image by Franz Bachinger from Pixabay

Apple just released iOS 18, iPadOS 18, and macOS Sequoia, addressing over 30 critical security vulnerabilities, including a major Siri flaw. If you haven’t enabled automatic updates, you’ll need to install the update manually (don’t worry, I’ve included a quick how to at the bottom of the page).

Just one of the latest vulnerabilities reported by Apple, identified as CVE-2024–40840, allows hackers with physical access to your device to exploit Siri and access sensitive user data. A hacker could:

• Access personal information that you’ve stored on the device, such as contacts, messages, or photos.
• Gain access to sensitive data like passwords or financial information.
• Control nearby Apple smart home devices.
• Use Siri to perform unauthorized actions on behalf of the user, such as making calls or sending messages.

Apple patched a Core Bluetooth flaw that allowed malicious devices to bypass the pairing process, and a malicious app to gain unauthorized access to Bluetooth. Other fixes included vulnerabilities in the kernel (a kernel is a device’s operating system’s core that acts as a bridge between the hardware and the software) that could leak network data outside of a VPN, as well as a WiFI bug that could disconnect devices from secure networks, and multiple weaknesses in Safari’s Private Browsing with the risk of tabs being accessed without authentication.

There were also improvements to sandbox security to prevent malicious apps from leaking sensitive user information. The Sandbox critical feature isolates apps from each other and the underlying system. This can prevent one app from interfering with or accessing the data of another, minimizing security risks and stability issues.

Apple also pushed out macOS Sequoia with patches for further security issues across the operating system. They reported several critical macOS vulnerabilities that could allow unauthorized access to user-sensitive data, various logic issues (one allowed the potential for a malicious process to capture screen contents without user consent), privilege escalation (a technique that allows an attacker to gain higher levels of access to a system than they were originally granted), and security issues relating to Wi-FI. For more detailed information about this vulnerability and other security updates, you can refer to Apple’s official security documentation.

How To Update Your Apple Device

iPhones and iPads

By default, iPhones and iPad devices are set to automatic updates, which means it will download the software update while your device is plugged in overnight and connected to Wi-Fi. However, users can also manually check and install for updates:

1. Go to Settings > General > Software Update.
2. From here you can choose Automatic Updates.
3. Turn on Download iOS Updates and Install iOS Updates. Your device will then automatically update to the latest version of iOS or iPadOS. If any updates need to be installed manually, you’ll see it here.

The latest iOS update also introduces some new features.

Apple Mac

Before you begin, make sure you’re connected to Wi-Fi. It is generally good practice to back up your Mac.

1. From the Apple menu in the corner of your screen, choose System Settings.
2. Click General in the sidebar of the window that opens, then click Software Update on the right. In earlier versions of macOS, choose Apple menu > System Preferences, then click Software Update.
3. When the window appears, your Mac automatically checks for updates. If available, select Update.

The latest macOS Sequoia also introduces some new features.