Most people with iPhones are currently running iOS 12. And that’s a good thing, because you’re getting a speedier experience with as many patched bugs and vulnerabilities as possible. It’s especially important, too, given that Google researchers recently disclosed six serious iOS vulnerabilities that Apple fixed up in the iOS 12.4 release earlier this month.
The problem? It’s twofold. First, there are still plenty of people who aren’t using iOS 12 for whatever reason — and likely not even iOS 12.4. Though Apple’s own statistics don’t break down specific iOS versions, the company shows that roughly 13 per cent of all the iPhones and iPads purchased within the last five years are not running iOS 12. Given how many devices Apple sells (well over a billion iPhones alone between 2016 and 2018), 13 per cent is a lot more devices than that number might imply at first glance.
Second, one of these “interactionless” bugs, as identified by the Google researchers, was not even fully fixed in iOS 12.4. They’re described as such, as all they require an attacker to do is send you a message—and that can be a text message, multimedia message, iMessage, email, or a Visual Voicemail, as Google security engineer Natalie Silvanovich notes.
Look at the message, and it’ll execute whatever unpleasant code the attacker has concocted—in four of the six published vulnerabilities. In the other two, it simply reads files off of your iPhone or iPad. Here’s hoping you don’t have anything incriminating or super-secret on your device.
Stop using older versions of iOS
Thankfully, you’re protected from five of these six vulnerabilities by updating to iOS 12.4. But you shouldn’t have to wait for us to convince you to check for iOS updates. Make a recurring calendar event every three months that says “UPDATE MY IPHONE” in large, annoying text. Or do what I do and pull up Settings > General > Software Update constantly, because you love living on the bleeding edge.
Heck, starting in iOS 12, you can even enable Automatic Updates—though, as Apple notes, you still might have to manually update your device from time to time. (Even though I have this setting enabled, I still check my iPhone for updates probably more than I should.)
If you’re holding out because you love the look and feel of your older version of iOS, you have to weigh that against the possibility that an attacker might come after your unpatched device. Are the odds low? Sure. Would I want to risk it and have a slower iPhone? No.