iOS 17.6—Update Now Warning Issued To All iPhone Users

Apple has issued iOS 17.6 along with a warning to update your iPhone now.

Updated July 31 with new CISA alert about iOS 17.6, as well as details on other updates issued alongside it.

Apple has issued iOS 17.6, along with a warning to update now. That’s because iOS 17.6 comes with a rather hefty 35 security fixes for serious holes in Apple’s iPhone operating system.

Apple doesn’t give much detail about what’s fixed in iOS 17.6, to allow as many people to update as possible before attackers can get hold of the information. However, the list on Apple’s support page shows iOS 17.6 squashes bugs in the Kernel at the heart of the iPhone operating system as well as several flaws in WebKit, the engine that underpins the Safari browser.

The iOS 17.6 upgrade has been a long time coming. Apple issued its last major security update, iOS 17.5, in mid-May.

Security Fixes In iOS 17.6

Among the notable fixes, iOS 17.6 patches two flaws in the Kernel tracked as CVE-2024-27863 and CVE-2024-40788. The first issue could allow an adversary to determine Kernel memory layout while the second could enable an attacker to cause unexpected system shutdown, according to Apple’s support page. Both vulnerabilities require an attacker to have physical access to your iPhone.

MORE FROM FORBES ADVISOR

Best High-Yield Savings Accounts Of 2024

Kevin Payne Contributor

Best 5% Interest Savings Accounts of 2024

Cassidy Horton Contributor

The iOS 17.6 upgrade also patches a whopping eight issues in WebKit, including CVE-2024-40785, which could result in a cross site scripting attack if you fell for maliciously crafted web content.

Apple’s iOS 17.6 contains fixes “some serious vulnerabilities,” says Sean Wright, head of application security at Featurespace. He warns that the Kernel flaws “could be chained together with other vulnerabilities to allow the entire device to be compromised.”

“Apple’s latest OS updates—which include iOS 17.6 and iPadOS 17.6—contain important security content addressing critical vulnerabilities that put users and organizations at risk,” says Suzan Sakarya, senior manager, EMEIA security strategy at security outfit Jamf.

She says the latest bugs in WebKit could lead to cross-site scripting attacks and unexpected process crashes.

Multiple Apple Security Updates Alongside iOS 17.6

Alongside iOS 17.6, Apple released iOS 16.7.9 for older iPhones, fixing a smaller list of security flaws.

Apple also released Safari 17.6, fixing multiple issues in WebKit. Meanwhile, macOS Sonoma 14.6 fixes dozens of flaws, including issues in WebKit, the Kernel, Image IO and the Keychain.

The iPhone maker also released macOS Ventura 13.6.8, macOS Monterey 12.7.6, watchOS 10.6 and tvOS 17.6, fixing dozens of flaws. Apple’s latest update for its mixed reality headset visionOS 1.3 patches over a dozen vulnerabilities.

CISA Issues Separate Apple Update Now Alert

The U.S. Cybersecurity and Infrastructure Agency has issued a separate alert, encouraging users and administrators to update to iOS 17.6 now. CISA also lists the other updates issued by Apple including iOS 16.7.9, tvOS 17.6, watchOS 10.6, Safari 17.6 and MacOS Sonoma 16.6.

CISA appears to be especially concerned with the Kernel flaws, which could allow an adversary to take over your iPhone or other Apple device. On their own, these issues require a “local attacker” who is within reach of your device. However, attackers could chain these together with other security holes to compromise you remotely.

“Apple released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, tvOS, and visionOS,” CISA said in its alert. “A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates.”

Why You Should Update To iOS 17.6 Now

While none of the issues are being used in real-life attacks yet, some of the security flaws fixed in iOS 17.6 are very serious. If an attacker could take over the Kernel, they would potentially be able to control your iPhone.

Taking this into account, Wright says there is no need to panic, but it’s a good idea to “update as soon as you can.”

There’s another reason to update to iOS 17.6 this time—it’s possible the upgrade will be the last before Apple releases iOS 18 in September. Some Apple users will be reluctant to update to iOS 18, because they want to wait a few point updates for early bugs to be ironed out.

Apple is wise to this and the iPhone maker usually updates its legacy operating system with important security fixes for a month or so after issuing a major upgrade. However, these fixes are not as thorough, which means you are always more secure on the latest iPhone operating system.

Apple’s iOS 17.6 update is available for the iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later and iPad mini 5th generation and later.

The iOS 18 upgrade is a long way off, so updating to iOS 17.6 now will ensure your iPhone is as secure as possible while you wait. What are you waiting for? Go to Settings > General > Software Update and upgrade your iPhone to iOS 17.6 now.