Apple iPhone, iPad and iPod Touch users are being urged to update their devices immediately after the US tech giant released a critical update in its latest patch release – iOS 10.3.1 – that if left exposed could let hackers launch cyberattacks over WiFi.
The vulnerability was discovered by Google Project Zero – a bug-hunting team that regularly finds security flaws in mainstream software and anti-virus products. In an advisory released on 3 April, Apple said an attack "within range" of a device could launch malicious code via WiFi.
The update is now available to download for iPhone 5 and later, iPad 4th generation and later, and the iPod touch 6th generation and later.
Listed under CVE-2017-6975, the description stated: "A stack buffer overflow was addressed through improved input validation."
"My understanding is that it could affect anyone who is operating their mobile with WiFi on nearby an attacker," iOS security expert Will Strafach told IBTimes UK. "This is not a common vulnerability and I believe it is critical to upgrade now that the vulnerability has been mentioned publicly."
No other technical details have yet been released.
When Apple released iOS 10.3 last week it came with a slew of security upgrades, fixing issues with accounts, audio, iTunes Store, Safari and much more.
However, there was also a lack of over-the-air support for 32-bit devices like the iPhone 5 and 5c. This has changed with the latest 10.3.1 series of fixes, likely showing the critical nature of the find.
You can check for the update now just going to Settings > General > Software Update. Alternatively, you can manually download the update from Apple's iTunes service.
For users, iOS 10.3 signalled many software improvements. It featured enhanced AirPod support, Safari support for Reduced Motion preferences and advancements to its CarPlay capabilities. As reported, the public beta of iOS 10.3.2 was released last week and is now being thoroughly tested.