Apple’s recent iOS 15.6.1 release includes two notable security updates for issues that could put your phone at risk. But its release has gone mainstream, and some reports have caused needless panic among people who don’t usually pay attention to these things. “I was also surprised how the media picked up this particular update when security updates like this happen every couple of months,” Marc-Étienne Léveillé, a malware researcher at digital security firm ESET told Lifewire via email. “It was also picked up by local media here [in Canada].”
What’s at Stake?
With the release of iOS 15.6.1, Apple is handling two specific problems, according to the security update notes—one related to WebKit, the other to the kernel. Both are important for similar reasons. Webkit is the web browser engine that Safari and every other iPhone browser uses, and it’s an important component of every iPhone used around the globe. In the release notes, Apple said that “processing maliciously crafted web content may lead to arbitrary code execution,” which means that a bad actor could use a website to run software on your iPhone without your knowledge. That software could steal your personal data or worse. Similarly, the kernel exploit allows bad actors to run software with escalated privileges. The kernel is the part of iOS that loads first when you power up your iPhone, and it’s a vital part of the operating system. By allowing arbitrary code to run with kernel privileges, this security flaw could give someone full access to all the functions and data on your device. Apple confirmed that it “is aware of a report that this issue may have been actively exploited.” That part has a lot of people worried, perhaps justifiably. But, as always, there’s nuance to this situation.
Vital Context
Hacking into iPhones is big business, and companies such as NSO Group sell spyware tools like Pegasus for exactly that. Pegasus has been used to spy on officials and journalists in recent years and does that using security holes like the ones patched in the iOS 15.6.1 release. Security expert Léveillé agrees the exploits patched by Apple are unlikely to be in widespread use. He added, “the exploit code to use the vulnerabilities is not publicly known, so only a very limited number of people or organizations can use them. Given how rare and pricy those exploits are, they are generally not used to massively compromise Apple devices.” He goes on to say that you can update your iPhone in your own time, “unless you think you may be a target for spyware like Pegasus.” Léveillé isn’t the only expert to take that approach. In an email interview with Lifewire, Ben Wood, chief analyst at CCS Insight said, “Thankfully, for the vast majority of users, it is highly unlikely they will be affected by a software security breach.” He added that “as with all software, the best course of action is for consumers to keep their software updated on all devices.” That, unfortunately, isn’t the message that people are hearing. Mainstream outlets have picked the story up and really focused on the warning that there’s an “urgent” need for everyone to update. As a result, people’s perception is that they’re walking around with a ticking timebomb, even if that isn’t the case. Apple takes security seriously, going so far as to sue NSO Group, and has features specifically designed to help people who believe they are a target for its software. “If your device contains very sensitive information or you think you could be a potential target for spyware like Pegasus, I would consider updating to iOS 16 when it becomes available and enable Lockdown Mode,” Léveillé suggested.