Users of iPhones, Macs and iPads have been urged to install the new update – or to risk their devices being attacked by hackers.
The update patches an security bug that could let cyber attackers break into Apple devices through their web browser.
Exploiting it would allow for “arbitrary code execution”, the technical term for when attackers have full access to run any code they like on a device.
The new updates are numbered iOS and iPadOS 17.1.2, and MacOS 14.1.2. There is also an update for the Safari browser that fixes the issue.
All of Apple’s platforms that allow for web browsing appear to have been affected by the issue. As such, devices such as the Apple TV and Watch do not have the emergency update.
Apple said that it was “aware of a report that this issue may have been exploited” with devices running early versions of iOS.
It usually gives little detail about security issues to ensure they cannot be used by other hackers. The company does not “disclose, discuss, or confirm” issues at all until they are fixed.
The latest problem was found by Clément Lecigne, from Google’s Threat Analysis Group, or TAG. TAG works to identify threats against Google and its users, and has in the past identified security issues that have been exploited by government hacking groups and other large-scale cyber attackers.
Apple has been forced to push out a significant number of security updates this year. The two new bugs are the 19th and 20th such issues to be found this year, according to security website Bleeping Computer.
Many of those issues fixed small security bugs that could nonetheless be exploited by spyware such as Pegasus and Predator, which have been known to be used by governments against journalists and activists.
The company recently revealed some of the security work that goes into securing its devices against such hackers, and warned that the danger was becoming ever more present. Apple has also introduced new tools, such as “Lockdown Mode”, aimed specifically at users who are most at risk from such attacks.