Apple says iPhone bug may have been actively exploited - here's what to do
Apple recently released software updates for the iPhone and iPad and users must download them right away. That's because they contain a fix for an actively exploited issue.
On the surface, the iOS 16.3.1 and iPadOS 16.3.1 updates may not look that exciting because they don't bring any new features, but they contain fixes for problems with iCloud settings and Siri, optimizations, and security updates.
Most importantly, iOS 16.3.1 and iPadOS 16.3.1 address a WebKit vulnerability that may have been exploited in the wild by cybercriminals. WebKit is a browser engine that is used by Safari, Mail, App Store, and other apps. A single vulnerability in it can affect all apps that are based on it.
An in-the-wild vulnerability is a threat that's spreading among real-world devices and may put ordinary users at risk.
The WebKit vulnerability may allow bad actors to run any command on affected iPhones and iPads remotely. It must be patched quickly because it's being actively exploited by hackers.
The updates also seek to fix a Kernel vulnerability that may allow apps to execute commands with kernel privileges. This can allow hackers to take over the entire machine. Thankfully, no one appears to have taken advantage of this flaw.
Per TechCrunch, it's highly unlikely that a hacker will exploit the bugs to target an average iPhone user, but it's still recommended that you update your phone and avoid taking any risks.
Caught between a rock and a hard place
It's also worth mentioning that iOS 16.3.1 seems to have broken the Google Photos app. Multiple users have reported that the update is causing the app to crash. So, you'll have to decide what is more important to you: a smoothly working Google Photos app or a secure iPhone and iPad.
Things that are NOT allowed: