Apple Issues Critical New Security Patches

You should update your iPhone, Watch, or Mac immediately

An Apple security exploit made it possible for Apple devices to be infected with spyware without any user action, but a patch is out now.

This "zero-click" exploit was found by Citizen Lab researchers at the University of Toronto on September 7. Apple was informed of the exploit right away and has since issued a patch to address the problem. While the exploit was likely being used for specific targets like activists and reporters, it's recommended that everyone install the new patch if they're able.

Someone holding an iPhone with notifications showing on the screen.

Jamie Street / Unsplash

Without the security update, hackers can infect a given Apple device (computer, phone, tablet, or even watch) just by sending an image. You wouldn't even have to open or otherwise interact with the image file for it to affect your device—simply receiving it is enough. If your device can use iMessage, it's at risk until you update.

Citizen Lab believes NSO Group used the exploit to infect an activist's phone with its Pegasus spyware back in March. Some journalists from Al Jazeera also likely were targets of this exploit.

According to NPR, while Apple is taking this issue seriously, it has reiterated that the average user likely won't become a target.

Woman logging in to her laptop and holding smartphone on hand with a security key lock icon on the screen

d3sign / Getty Images

If you have an iPhone, it should alert you about the new patch on its own and prompt the download. Or, you can start a manual software update instead.

If you have an iPad, Apple Watch, or Apple computer, you also should look for and install the latest system versions. Just to be safe.

Was this page helpful?