Everyone who has a phone understands about the need for upgrading the system periodically, but I was surprised by the urgency implied in this latest communication:
"Take this seriously. If your iPhone does not have Apple’s new update, you must install it now. We know attacks on iPhones have started. We have been warned the threat will extend well beyond those highly targeted initial attacks. And hundreds of millions of iPhone users are also now facing down an unwelcome surprise.The last available analyst data says hundreds of millions of iPhone users with devices eligible for Apple’s current iOS 26 firmware have yet to upgrade. Those users had expected to be offered the update to iOS 18.7.3, avoiding iOS 26 for a little longer. But Apple withdrew that update for all but iPhone XS, iPhone XS Max and iPhone XR.It’s now a choice between upgrading to iOS 26.2 or no security update. A quick scan of online forums a week after all this was confirmed is a nasty surprise. Plenty of users say they intend to stick with iOS 18.7.2 and avoid the update altogether. That’s bad news...Do not run your iPhone without these critical WebKit security fixes. “Users should urgently update all their impacted Apple devices,” James Maude from BeyondTrust told me. “Even though this only appears to be linked to a small number of targeted attacks it will quickly become a must have exploit for a range of threat actors."..Check your iPhone. If you’re running iOS 18.7.2, you should update to iOS 26.2 assuming iOS 18.7.3 is not available. The period of maximum risk for vulnerabilities is the time between public disclosure and extensive patching. That’s right now."
The embedded text is from Forbes, which is not a fearmongering site, so I presume the threat is in fact serious. I upgraded to 26.2 last night after receiving this notification. There is some additional information at the link. Readers of TYWKIWDBI tend to be well informed and may have insight and comments to offer.
The couldn't-be-more-vague line "We know attacks on iPhone have started" with no reference to anything, no evidence or corroborating links makes this fear mongering in my book.
ReplyDeleteI need 15 gb more available storage to perform the install. This may be part of the delay by users to update.
ReplyDeleteUsers may be delaying update because it requires a lot of available storage for the installation and they have to choose what to delete!
ReplyDeleteForbes is 100% a fear-mongering site, that pays contributors depending on how many clicks they get. You know anyone can contribute to Forbes, right? They wen't clickbait years ago. This isn't the magazine of your forebears. Whether the update is essential is a different matter. I have an iPhone 13 mini (I like ickle phones) so don't even know if it's still getting updates.
ReplyDelete(Checked my phone and the 26.2 update is ready to go, but there's no message about it being an important security update, just the usual - feels like Forbes fear-mongering to me)
ReplyDeleteI 'upgraded' my phone and it now has the awful 'liquid glass' style. The camera function is improved, however.
ReplyDeleteThis article from Gadget Hacks provides additional information on the vulnerabilities and why Apple is pushing the update. Apparently the update prevents intrusive surveillance software like Pegasus from erasing evidence of its installation on your phone, without the user's knowledge.
ReplyDeleteICE recently contracted with Paragon, the Israeli spyware maker (comparable to NSO Group and their Pegasus software) whose software can be deployed silently onto targets' phones to conduct whole-phone surveillance, even of encrypted apps. Apple hasn't mentioned this specifically, and I wonder if this is part of their intention but they have to remain vague.
https://apple.gadgethacks.com/news/ios-262-security-update-critical-spyware-patch-imminent/