From time-to-time Apple is alerted to security issues and vulnerabilities by researchers. The company usually reacts pretty promptly, issuing a software update for Macs, iPad and iPhones (depending on the devices affected). For this reason it is wise to keep your Apple devices up-to-date if you wish to avoid running the risk of being hacked, although it has to be said, the risk is minor. We discuss how to stop your Mac getting hacked in: Can Macs be hacked?

On 22 January Apple issued an update to the Mac operating system to improve security, stability and compatibility. The company released an update to iOS 12 for iPhones and iPads at the same time, which addressed the same security vulnerabilities.

Alongside the macOS Mojave update, Apple also issued security updates for High Sierra and Sierra: Security Update 2019-001 High Sierra and Security Update 2019-001 Sierra.

Prior to updating Macs, iPads and iPhones devices could be at risk from hackers who could take control via malicious applications, over bluetooth, or even via FaceTime, although in practice these are unlikely scenarios. We have more security tips for the Mac here, and security advice for the iPhone here.

Apple describes a number of security issues here and here. iOS and MacOS seem to be affected by many of the same issues.

Here is what Apple has to say about some of the security vulnerabilities addressed in the update:

Bluetooth: “An attacker in a privileged network position may be able to execute arbitrary code,” Apple says: “An out-of-bounds read was addressed with improved input validation.”

Core Media: “A malicious application may be able to elevate privileges,” Apple has addressed an “An out-of-bounds read” with “improved bounds checking”.

CoreAnimation: “A malicious application may be able to read restricted memory,” Apple’s fix was to improve bounds checking.

FaceTime: In this case, “A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution,” Apple said: “A buffer overflow issue was addressed with improved memory handling”.

Hypervisor: “A malicious application may be able to elevate privileges,” Apple addressed a memory corruption issue and improved state management.

Here’s how to update your iPhone or iPad if you are running iOS 12

  1. Click on Settings
  2. General
  3. Software Update
  4. Your device will check for updates, and eventually tell you that iOS 12.1.3 is available if it’s not already installed.
  5. Click on Download and Install - you may need to connect to WiFi before it can download.

iPhone software update

Here’s how to update your Mac if you are running Mojave

  1. Click the Apple logo in the top left
  2. System Preferences
  3. Software Update
  4. You should see a message that An update is available for your Mac, click on Update Now.

Mac software update

If you don’t see the message that may mean the update happened automatically. In that case you can check what version of macOS you are running:

  1. Click the Apple logo in the top left
  2. About This Mac
  3. Under the name of the operating system it will say: Version 10.14.3 if your Mac is up-to-date.

Here’s how to update your Mac if you are running High Sierra or older

  1. Open the Mac App Store.
  2. Click on Updates.
  3. If you have a MacOS update to install it will be available here. If not, check About this Mac to see which version you have installed.

Here's how to update to Mojave if you want to make sure you are running the most recent - and therefore most secure (hopefully) version of MacOS: How to update to the latest MacOS.