Apple Just Released a New Security Patch
Breaking news: Apple has another update for you to install. While it seems like we Apple users always have a new update to install on our devices, it’s important to prioritize. That’s because it’s not just a feature update that replaces legacy software. Instead, it’s a security patch that fixes problems with iOS, iPadOS, macOS, and other Apple operating systems that, if left unfixed, leave you vulnerable to hacking.
Security patches and software updates
Some platforms separate security patches and software updates as two separate processes. Not Apple. The company typically bundles security patches and software updates together, which creates some interesting situations. You can have a feature-rich software update that also contains security fixes, a feature-rich software update with few (or no) security fixes, or a software update with few (or no) features and any number of security fixes.
This last category will focus solely on this last category. You see, every now and then Apple discovers a critical security vulnerability on its platforms. This isn’t necessarily Apple’s fault: software inherently contains security vulnerabilities, and the goal is to discover them before attackers do. However, whenever these security flaws are discovered, it is critical to report them to users as quickly as possible, especially if the flaw has already been exploited by attackers.
At times like these, you see software updates on your iPhone or Mac that look like an oddly long string of numbers—iOS 18.3.1, for example. iOS 18 is a big update with all the major features; 0.3 is a minor update that contains some new features; and while the 0.0.1 update may contain new features, it usually means security fixes and bug fixes.
There is an exception to this rule: Apple’s Security Rapid Response Program . These are strictly security patches, not feature updates, and are deployed when it is absolutely necessary to fix a security vulnerability on customers’ devices. You’ll know when one of these hits your device because it not only says “Security Reply” but also contains an icon (a) indicating that it’s not a standard update.
However, this is not a security answer: it is an update that just so happens to be a security fix. I know – not confusing at all.
Apple’s latest security patch
On Monday, February 10,Apple released a series of updates for its devices . This includes iOS 18.3.1 for iPhone; iPadOS 18.3.1 for iPad,iPadOS 17.7.5 for older iPads, macOS Sequoia 15.3.1 for Mac, macOS Sonoma 14.7.4 for Macs with Sonoma, macOS Ventura 13.7.4 for Macs with Ventura, watchOS 11.3.1 for Apple Watch, and VisionOS 2.3.1 for Apple Vision Pro.
Interestingly, of all these updates, only iOS, iPadOS 18.3.1 and iPadOS 17.7.5 contain release notes. The rest are empty. However, we can use the notes Apple shared in these first two posts to find out what’s new. This is just one security patch for now: “Impact: A physical attack may disable USB Restricted Mode on a locked device. “Apple is aware of reports that this issue could be used in an extremely sophisticated attack against specific targets.”
USB Restricted Mode protects Apple devices from unknown wired peripherals. The idea is that if an attacker tries to connect a malicious device to, say, your Mac or iPhone, this feature will block that device from connecting. This feature is customizable, so you can choose whether to allow all USB devices to connect to your Apple device, whether to allow USB devices when your Apple device is unlocked, whether to allow your Apple device to prompt you every time you connect a new device, or to prompt you every time a device is connected.
Regardless of your settings, it appears that this latest flaw allows an attacker to completely bypass a security feature on a locked device and potentially attach a malicious accessory to your Apple device. What makes this vulnerability especially dangerous is that Apple has confirmed that it is actively exploited, meaning that there are attackers using this vulnerability to attack Apple users. To protect yourself, be sure to install the latest security update on all eligible Apple devices now.
How to install a security patch on your Apple device
Again, security patches like 18.3.1 are just software updates. So, you can install these patches just like any other Apple update. On most Apple devices, you can go to Settings (System Preferences for macOS) > General > Software Update , then follow the onscreen instructions to download and install the latest update.