Urgent iOS 16.5.1 iPhone update: why you need to take action now for your security

Apple has released an urgent software update for its devices, iOS 16.5.1, that you should download as soon as possible even if you have automatic updates turned on. The update fixes two major security vulnerabilities. Both of these are being used in real-life iPhone cyber attacks. If these vulnerabilities are chained together, it could allow a remote attacker potentially full control over a compromised device.

What were the security fixes that Apple made?

Apple’s security fixes are related to the Kernel and WebKit components of the iOS operating system. The Kernel is the core of the system that manages the hardware and software interactions, while WebKit is the engine that powers the Safari browser on iOS devices. Both of these components had flaws that could allow an attacker to execute arbitrary code with kernel privileges or through malicious web content.

According to Kaspersky, the cybersecurity firm that reported these issues to Apple, the attackers used an invisible iMessage with a malicious attachment to deliver a spyware called TriangleDB in a zero-click attack. This spyware operates in memory and can steal various data from the infected device, such as audio recordings, photos, videos, location history, contact information, browsing history, passwords, and more.

How TriangleDB spyware can infect and monitor iOS devices without user interaction

This means a person using an iPhone, for example, doesn’t even have to click anything or interact with anything on their phone for the spyware to infiltrate their device. This is especially serious with the Kernel because it means that a hacker is getting to the core of the iOS operating system without anyone clicking anything and can likely get around many security tools on the device.

Once the spyware is on an iOS device, it can take audio recordings, photos, videos, location history, and more and share them with the hacker. It can also steal contact information, browsing history, passwords, and other sensitive data.

MORE: THE URGENT IPHONE WARNING YOU CAN’T AFFORD TO IGNORE 

 

Who has been attacked, and should I be worried?

Kaspersky reported that they found several dozen iPhones that were infected with the new spyware, some of which belonged to senior employees at Kaspersky. The biggest targets as of now appear to be people like journalists, politicians, business executives, human rights activists, and other high-profile figures. Average civilians likely will not be attacked; however, you should still update your iOS devices with this new software as soon as you can.

 

How can I protect myself against this spyware?

First, the best thing you can do right now is to get this new iOS 16.5.1 update onto your iOS devices asap.

How to update your iOS devices

  • Go to Settings
  • Select General
  • Tap Software Update 
  • You should see the update come up if you have not updated your device already. Click Install Now to begin the update

MORE: A NEW MALICIOUS MALWARE IS SPECIFICALLY TARGETING IPHONES 

 

Have antivirus software installed

Second, not all of us will remember to regularly check our devices for new updates, which is why having antivirus software installed on all your devices is always a good idea. Antivirus software

Special for CyberGuy Readers: 

Best Antivirus Protection 2023

 

Kurt’s key takeaways

You should always be checking your settings on your devices to see if software updates are available. Companies like Apple put these bug fixes in place to protect you and your privacy, so you should be taking advantage of what they’re providing.  It is up to us to remain vigilant against these hackers who constantly seek to circumvent the rules, so make sure you’re paying attention, updating your devices, and keeping your information out of the hands of these crooks.

How frustrating is it to have to continue to update your iPhone to ensure the security of your iOS devices because of these types of vulnerabilities? Let us know by commenting below.

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

Related:

Related posts

Is your Social Security number at risk? Signs someone might be stealing it

Updated Android malware can hijack calls you make to your bank

Robot dog is making waves with its underwater skills