Apple iOS 16.6.1 has been released for iPhones, along with iPadOS 16.6.1, macOS Ventura 13.5.2, and watchOS 9.6.2 — and there is a good reason for these widescale updates: they contain critical Zero-Day security fixes. Here’s everything you need to know.
Tip: bookmark this page because I will keep it updated if/when new problems are found. I will deliver my final verdict in a week.
Who Is It For?
Apple iOS 16.6.1 is available for all iOS 16-compatible devices. That means the iPhone 8, iPhone X, and newer. iOS 15.7.8 is the most recent update to protect older devices, but I expect Apple will provide an update to address the Zero-Day vulnerabilities patched by iOS 16.6.1 (more below).
All supported iPhones should receive an automatic update notification. If you don’t, you can trigger iOS 16.6.1 by navigating to Settings > General > Software Update. If you are running newer beta software (see ‘The Road Ahead’ section at the end), you must unenroll your device before the update will appear.
Note: This guide is not focused on older iOS updates, iPadOS or macOS, but I will touch upon pertinent issues in these guides.
The Deal Breakers
In the 24 hours since release, iOS 16.6.1 appears to have had a relatively calm, bug-free start to life. I’ve seen no reports of any significance other than general grumbles about battery life. This should not be taken seriously in the first 24 hours as iPhones have to reindex after updates, and this results in higher battery drain.
I will keep tracking this and update this article should problems arise.
So What Do You Get?
Apple’s iOS 16.6.1 release notes are short and sweet:
This update provides important security fixes and is recommended for all users.
While this is a fairly generic sentence that Apple often uses with dedicated security releases, the wording is accurate — this is important. The iOS 16.6.1 security page states that the update contains two fixes tracked as CVE-2023-41064 and CVE-2023-41061.
Both are Zero-Day vulnerabilities, which means hackers were able to target them before Apple could release a fix. The company notes this, writing on both: “Apple is aware of a report that this issue may have been actively exploited.”
So what are they? According to Citizen Lab, CVE-2023-41064 was used to inject the infamous Pegasus spyware onto devices, so information could be accessed without the owner’s knowledge. “This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware,” Citizen Lab said.
As for CVE-2023-41061, it addresses a vulnerability found in Apple Wallet which also allows hackers to potentially execute malicious code on the device. It goes without saying that Wallet is not an area of your phone where you want vulnerabilities.
In fact, my only question at this stage is why Apple didn’t roll out these fixes as a Rapid Security Response Release.
Apple iOS 16.6.1 Verdict: Update
Zero-Day vulnerabilities are the most dangerous threat to your device. So, considering the lack of bugs reported so far and the nature of the vulnerabilities iOS 16.6.1 patches, updating is a no-brainer. Do it ASAP.
For hyper-cautious iPhone and iPad owners who prefer to wait (I strongly recommend that you don’t), I will deliver my final verdict in a week. So bookmark this page.
The Road Ahead
Apple iOS 17 beta eight was released last week, and a final version of the software is expected to be released for all iPhones circa September 12, when the company launches its new iPhone 15 range.
iOS 17 contains a new ‘StandBy’ mode, which turns your lock screen into a smart display, as well as major upgrades for Messages, Phone and FaceTime, a vastly improved (and long overdue) autocorrect system, the option to replace ‘Hey Siri’ with ‘Siri,’ interactive home screen widgets, mood tracking and journaling, support for shared AirTags, and much more.
If you want to beta test major iOS updates before their public release, you can sign up for the Apple Beta Software Program here.
Note: iOS 17 will drop support for iPhone X and iPhone 8 models, though security updates will continue. If you’ve held onto one of these models for this long, now might be the time to upgrade.
Follow Gordon on Facebook