Cybersecurity experts warn that waiting to update your iPhone could compromise highly sensitive data.
Put off the upgrade and you could be vulnerable to a harmful bug that can bypass safeguards protecting user data from unauthorized app access — a problem rectified by Apple’s iOS18 update, released in September.
Michael Covington, vice president of strategy at software company Jamf, told Forbes that many Apple users are deliberately not upgrading to the new operating system, due to widespread wariness of Apple Intelligence, the company’s first iPhone AI program.
Still, they’re running a risk by waiting.
The risk of not upgrading puts a phone’s transparency, consent, and control (TCC) subsystem at risk of being bypassed by an attacker.
What that means for users is hackers could infiltrate sensitive data through an iPhone app and never be notified.
The bug, which overrides TCC from telling users an app is trying to access things like photo and location data, was listed in the National Vulnerability Database.
“Alarmingly, this exploitation occurs without leaving any trace of the data accessed, posing a threat to user privacy and overall data security,” researchers looking into the problem warned, according to Forbes.
They also highlighted a larger security concern as hackers now “focus on data and intellectual property that can be accessed from multiple locations.”
Covington warns that the longer users wait to upgrade, the longer they are at risk. As the public is being made aware of the harmful bug, so are more hackers.
“Applying critical patches as soon as they are published helps to thwart attackers looking to target victims through the latest vulnerabilities,” he said.
