I know there’s a ton of other Apple news happening today, but if you’re reading it on a Mac, iPhone, iPad, or Apple Watch (okay, that last one may be a stretch), you should probably pause and update that device — today’s update fixes a security issue that Apple says may have been actively exploited.
The updates contained in iOS / iPadOS 14.5.1, macOS 11.3.1, and watchOS 7.4.1 are meant to fix arbitrary code execution exploits present in WebKit, Apple’s framework that renders most of the web content you see on your device (unless you’re using, say, Chrome or Firefox on Mac). In normal language, the updates patch a hole that let malicious websites run unchecked code on your device, so it’s not the type of update you want to put off.
If you have an older device, such as an iPhone 5 or 6, iPad Air or Mini 2 and 3, Apple also released iOS 12.5.3, which addresses WebKit flaws.
If this story sounds a little familiar, it’s because there have been two recent updates, iOS 14.4 and 14.4.2, that closed similar security holes. Even if you don’t think you should update because you use an alternative web browser on your Mac, or don’t browse the web on your Apple Watch (for obvious reasons), it’s still worth updating any devices you may have — WebKit can be used in unexpected places, and it’s never good to have security holes open on your devices, especially ones that may have been exploited.