Photo (cc) by microsiervos
If you’re an iPhone user, you know how easy it is to hit “remind me later” every time an Apple update is released and your phone prompts you – repeatedly – to download and install the update.
Although it might not seem like a big deal to ignore Apple’s update prompts (as I had been doing with my iPhone until today) this is why you need to install iOS 9.2.1 right now.
At first glance, the update appears routine. Apple says it contains security updates and minor bug fixes for the following devices: iPhone 4s and later, iPod touch (5th generation) and later and iPad 2 and later.
But one of the security updates will fix a major vulnerability that was discovered and reported to Apple three years ago by researchers from Skycure, a Palo Alto, California-based mobile security company.
According to a Skycure blog post, the security flaw allows hackers to steal users’ cookie data and other sensitive information.
You can read all about the vulnerability in Skycure’s blog, but in layman’s terms, a hacker creates a public Wi-Fi network, then waits for a user to connect to it — either manually or by tricking their device into connecting. The user is then directed to a captive portal – where a window pops up, like those often seen at hotels and airports, and asks for a username and password to log on. After the user successfully logs on, the hacker is able to load malicious content onto their device.
Although Skycure said three years is the longest it’s taken Apple to fix a security issue reported by their company, it did note that “the fix was more complicated than one would imagine.”
To install iOS 9.2.1, go to “Settings,” then “General” and select “Software Update.” I just installed the update, and it took less than five minutes.
Have you installed the latest operating system update? Share your comments below or on our Facebook page.