Apple Warns of the Need to Update iOS

Whenever a software developer releases an update to its software, there can be mixed reactions. Sometimes the new version just has minor little changes, and sometimes it even comes with changes that users find annoying. But every so often, the changes were prompted by a scary finding in the original code, and the new version fixes the security flaw.

According to a New York Times article, a foreign hacker group has been trying for some time to carry out attacks on a prominent human rights activist, a journalist who exposed government corruption, and other key people. The activist in this case began receiving strange text messages on his iPhone, and he cautiously sent the messages on to a cybersecurity firm in Canada. That firm called in another firm, one based in San Francisco, and together they discovered that the messages contained malicious code that was attempting to break into the activist’s iPhone due to three different zero-day vulnerabilities in iOS.

Wait a minute… zero-day vulnerabilities?

Sure, it sounds like some fictionalized computer term from the latest Hollywood cyberthriller, but the reality is far from entertaining. A zero-day vulnerability is basically a hole in the software that the developer doesn’t know about, and therefore has had “zero days” to fix. Hackers and coders can literally sell these vulnerabilities online, meaning they discovered it and for the right price they’ll tell other hackers what it is and how to find it so they can use it maliciously.

When you get a popup message telling you to download the newest version of some software, it might just be an annoying little tweak, but it could also be patching up a zero-day vulnerability. The company certainly isn’t going to announce it, because it would alert hackers to go looking for it in order to exploit customers’ security holes.

Wait a minute…I don’t have an iPhone. So I’m good, right?

Not exactly. This situation happens to involve the software that powers iPhones and iPads, and Apple has announced that the new update contains the patch to block these security flaws and keep people out of your device. But just because this one situation involves Apple’s products doesn’t mean there aren’t security flaws in lots of other software titles, even ones that power your laptop, your desktop, your ereader, or your Android device.

Okay, but I’m not a major public figure. I’m just a consumer. No one wants to hack me, right?

Absolutely wrong. By basically using a strategy like “six degrees of separation,” your hardware could prove to be very valuable to someone who wants to cause harm. Hacking into your phone and grabbing your contacts list could lead to others’ lists, which could lead to others’ lists, and so on until the right target is found. At the same time, you can’t know why hackers want your information, and a security hole could lead him to the passwords for your email address, your social media accounts, your bank account, or your credit card. It’s important to keep your software up-to-date in order to protect your hardware and your identity.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

Pin It

 

ITRC Sponsors and Supporters 

 

 

 

 

Go to top

 

The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.