Checklist 313: Apple Security Fixes and Features
On this week’s Checklist, we’ll take a closer look at Apple’s recent security fixes and features, including:
- Security patches for all your Apple things
- Apple and key-based 2FA
- An Apple data privacy event
Apple’s latest round of updates
Apple updated its OSes this week as iOS 16.3/iPadOS 16.3, macOS 13.2, watchOS 9.3, and tvOS 16.4. Here’s a very quick summary:
- The iOS and iPadOS updates fix 12 vulnerabilities. There were also updates for older versions of Apple’s mobile OSes: iOS 12.7.5, iOS 15.7.3, and iPadOS 15.7.3.
- macOS Ventura 13.2 addresses more than 20 vulnerabilities, and as with the mobile operating systems, Apple also released updates for older Macs: macOS Big Sur 11.7.3 and macOS Monterey 12.6.3.
- watchOS 9.3 fixed 11 vulnerabilities, and tvOS 16.3 patched 10 security issues.
If you haven’t already updated, now’s the time to do it!
Apple ID and hardware security keys
The biggest security feature introduced in this week’s updates was support for hardware security keys as a way of protecting Apple accounts.
If you’re unfamiliar with hardware keys, Apple gives a succinct explanation of the technology and how it can be used to protect an Apple ID:
A security key is a small external device that looks like a thumb drive or tag, which can be used for verification when signing in with your Apple ID using two-factor authentication.
The idea is that you’d sign in to your Apple account with your password, but would then need to use a physical security key as your second authentication factor in order to complete the log-in.
Of course, if your account access is riding on a small physical device, it’s important that you don’t lose that device! For this reason, Apple recommends using a minimum of two security keys (although you can have up to six) and storing them in a safe place. Ideally, you’d keep these in two different places in order to minimize the chances of losing account access if something happens to your storage location.
Hardware keys are considered to be a very secure form of two-factor authentication, but they may not be for everyone. If you want to explore the topic further, check out Apple’s support document as well as the SecureMac blog for more information:
Apple celebrates Data Privacy Day
January 28 is Data Privacy Day, but Apple kicked off the celebration a bit early this week. In a press release on Tuesday, Apple reaffirmed its commitment to data privacy and introduced a couple of privacy initiatives.
The first of these is an informative (but entertaining) video called “A Day in the Life of an Average Person’s Data.” It explains how a typical user’s data is tracked, and offers a number of simple tips to improve your privacy.
The second thing that Apple is doing for Data Privacy Day is a Today at Apple session called “Taking Charge of Your Privacy on iPhone.” According to Apple, the session will explore the most important iOS privacy features and help people learn how to use and customize them.
These will be in-person events at Apple Stores around the world. To find one near you and/or sign up to attend, go to apple.com/today.