Apple release urgent new update for all iPhone users to fix major security bug

Apple has released an urgent new update for all iPhone users to fix a major security bug.

You might want to check if your device is due a system update in order to ensure it is full protected.

This comes after experts warned users to be cautious about their data protection, advising people to always have their phones up to date with the latest operating systems to keep safe from hackers.

Now, Apple has fixed a security bug that was already being used in cyber attacks as the tech giant confirmed it was ‘aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals’.

While it is not clear who exactly has been targeted by this attack, we do know that it related to ImageIO, which is an Apple framework used by apps on macOS, iOS, and other platforms to read, write, and process various image file formats, including metadata and color management.

Apple has released an urgent new update for all iPhone users (Cheng Xin/Getty Images)

It’s thought that hackers have been using an image maliciously to try to break into phones and gain access to information.

The fix has come in the iOS 18.6.2 update which corrects the security bug.

However, while many devices will automatically install the update, you’ll need to check in your settings if yours is done manually.

This can be found on the Settings app, followed by General and then Software Update.

This isn’t the first time Apple users have been warned about a possible security risk.

An app developer uncovered an issue and has found that just a single line of code could sabotage your iPhone remotely.

The security researcher in question is Gilherme Rambo who discovered that there is a hidden flaw within the internal messaging system of the device.

This vulnerability in iOS is related to Darwin notifications, which is the low-level interprocess communication mechanism within iOS.

Apple has fixed a security bug that was already being used in cyber attacks (Kmatta/Getty Images)

It doesn’t verify the sender, doesn’t require special privileges to send or receive and is a public API.

Rambo explained that Darwin notifications interfere with system operations because of the way the phone responds to them, and this is how they’re able to disrupt normal device functionality.

Speaking to CyberNews, Rambo said: “Since I was looking for a denial-of-service attack, this last one (‘restore in progress’ mode) seemed to be the most promising, as there was no way out of it other than by tapping the ‘Restart’ button, which would always cause the device to reboot.”

He added: “I suspect that if the app ended up in the backup and the device was restored from it, the bug would eventually be triggered again, making it even more effective as a denial of service.”