In the battle for mobile supremacy, Android trumps iOS by a considerable margin – 71% versus 28%. But even 28% represents hundreds of millions of devices worldwide. So even a small subset of that – say, users running an obsolete version of iOS – is still a large contingent.
Apple does a good job at securing iOS from malice, through the steady stream of incremental updates and timely patches as well as the habit of nagging users to install the latest version.
Just last week, the company issued urgent fixes for two critical security holes in iOS and macOS, warning that bad actors may be actively exploiting the flaws to steal users’ data.
The two zero-day bugs were previously unknown by Apple and most of the infosec community, giving potential attackers a head start to exploit the bugs. As revealed by the security advisory, attackers simply have to get the victim to access a tainted link.
One of the flaws is found in the WebKit browsing engine shared by apps that access the web and display web content, which means this particular security hole extends way beyond the stock apps present on a new iDevice.
In other words, a bad actor has an almost endless number of attack avenues thanks to the sea of WebKit-enabled apps found on users’ iPhones worldwide.
iOS and spyware
Keeping our iDevices updated has become very important in recent years, as spyware threats like Pegasus increasingly find their way onto vulnerable iPhones – often without input from the phone’s owner.
Dubbed the ultimate cyberweapon by Google researchers, Pegasus can record audio (including phone calls), track a phone’s location, and access virtually all content on a phone, including photos, text messages, various files stored locally, chats and chat logs, commercial messaging app content, contacts and browsing history.
Apple last patched iOS against Pegasus in 2021, with the release of iOS 15. Everyone running an older iOS version without a security solution can be considered vulnerable.
iOS versions in circulation today
In fact, Apple recently announced that is introducing new ways to combat spyware in its upcoming OS upgrades.
Perhaps more importantly, the California tech giant is patching more and more zero-day bugs in recent years, meaning it’s become more important than ever to keep our Apple devices up to date.
If you’re on an old iPhone model stuck with an obsolete iOS, it’s recommended that you at least run a dedicated security solution, like Bitdefender Mobile Security. This is a good way to secure your old iOS version. However, it’s always recommended to upgrade to a device / OS version that receives timely security updates from the mother ship.
While Bitdefender makes it its job to secure vulnerable iPhones with a dedicated security app, we strongly encourage users to migrate to the newest iOS version eligible for their device, in order to receive official support from Apple as well.