New Apple Security Update Addresses Critical Vulnerabilities
Last week, Apple announced several critical software updates intended to fix bugs in operating systems on iPhones, iPads, and Mac computers. In a press release, Apple was vague about the vulnerability, stating that “An application may be able to execute arbitrary code with kernel privileges.”
But the security notes for these updates warn that hackers are actively exploiting security vulnerabilities. The federal Cybersecurity & Infrastructure Security Agency (CISA) was even blunter, warning that, “An attacker could exploit one of these vulnerabilities to take control of an affected device.”
Some cybersecurity experts warn that Apple users who haven’t installed the new security update could be allowing hackers to run malicious code on their devices. These include iPhone 6s and later, all iPad Pro models, and several recent iPad Air, iPad Mini, and iPad 5th generation models, along with Macs running the Monterey operating system.
Thankfully, updates on Apple devices are easy to install. On iPhones and iPads, click Settings > General > Software Update. On Macs, click System Preferences > Software Update. Performing this action will also scan for less-critical but equally important recent updates to older versions of Safari, Apple’s built-in web browser. Google Chrome for Mac also issued a patch last week that addresses 11 security fixes.
Are These Updates a Sign of Serious Problems?
Regular security updates might be annoying for everyday users, but they aren’t necessarily negative. Many Apple skeptics say these recent issues indicate a hit to the company’s reputation. But other experts point out that this steady stream of patches means that Apple is doing a better job of identifying problems and fixing them before they spiral out of control.
Still, these critical problems bring up bigger questions—especially as rumblings about the potential disruption of a future Microsoft Office update reverberate around the tech industry. CMIT Solutions has compiled answers to the following five questions, which we hear often from clients across North America.
1) Should I enable automatic updates? Many users are hesitant to activate automated updates, worried that they won’t be able to control when patches roll out—or scared that reliable applications won’t work the way they once did. A trusted IT partner provides an extra level of support by reviewing updates before they install, providing extra training for employees when needed, and ensuring that patches roll out during off-hours when staff members won’t have their work disrupted.
2) What are the pros and cons of subscription-based applications? This Software-as-a-Service (SaaS) format has become more and more popular, particularly with popular software suites like Microsoft Office and Adobe Creative Cloud. The benefits of this model are that critical apps like Outlook, Word, and PowerPoint are updated regularly via cloud-based connections. But there are drawbacks, too, such as when apps like Outlook are completely overhauled without the option to stick with a classic version. In the best-case scenario, this can confuse users who aren’t accustomed to change—and in the worst-case scenario, it can disrupt day-to-day operations.
3) Do I really need to upgrade? There’s a big difference between critical security patches that fix serious problems (like the one for Apple devices described above) and fun new software or hardware toys. Sometimes, rushing toward the latest and greatest app or device can lead to trouble for small to medium-sized businesses. At CMIT Solutions, we recommend that our clients wait several months for anything classified as a “nice to have” (like new operating systems or newly released devices). This gives tech companies time to work out the inevitable bugs and flaws that come with fancy-but-untested new tools.
4) What else should I protect? Software drives nearly everything in our lives these days: Wi-Fi routers, doorbells, thermostats, and even smart refrigerators. Security patches and software updates are equally important for printers, servers, and voice-controlled devices, too. Then there are hard drives, modems, and Wi-Fi routers, all of which are integral parts of any company’s IT infrastructure. With Internet traffic flowing to and from these pieces of hardware day in and day out, it’s just as important that you extend the same level of cybersecurity protection to them as you do to your laptops, desktops, and smartphones.
5) How can I ever take care of all this myself? The good news is you don’t have to. A trusted business partner like CMIT Solutions can help you implement security updates while protecting important software and hardware. We take a proactive approach to these kinds of situations, addressing vulnerabilities quickly to minimize downtime. We roll out support for applications and devices during off-hours so you can maintain uninterrupted operations. And we set up automated alerts that inform our IT staff of new vulnerabilities before they can be exploited by hackers.
CMIT Solutions has 25 years of experience working with operating systems, software applications, and patch rollouts. We understand that fixing vulnerabilities is just one layer of comprehensive cybersecurity, and we prepare for every possible contingency so that we’re ready for anything.
In addition to software updates and security patches, we provide proactive IT monitoring and maintenance solutions, automated data backup services, disaster recovery and business continuity planning, network security, and much more. Contact CMIT Solutions today to find out more about how we can help your business.