The Importance of Staying Updated

Does it feel like your Apple devices are always asking you to install operating system updates? You’re not wrong—from September 2022 to January 2024, we saw the following releases in Apple’s previous set of operating systems:

●     macOS 13 Ventura: 20 releases

●     iOS 16: 25 releases

●     iPadOS 16: 20 releases

●     watchOS 9: 15 releases

●     tvOS 16: 12 releases

Apple issued many of those at the same time, but since you might not use all your devices every day, it can seem as though you spend all your time installing updates. As annoying as updating can be, we encourage you to do so soon after you’re notified for three reasons.

Reason One: Fewer Bugs

First, as has always been the case, updates fix bugs. You may not have experienced all the bugs that Apple fixes, but when one blocks something you want to do, the fix comes as a huge relief.

For instance, in a set of releases in January 2024, Apple inadvertently introduced a bug that caused text in many apps, including Mail, Notes, and Safari, to appear to be duplicated and overlap. It was only cosmetic, and switching to another window or resizing the window would make it look right again. But the bug was hugely disconcerting, so Apple fixed it two weeks later in macOS 14.3.1 Sonoma, iOS 17.3.1, iPadOS 17.3.1, and Safari 17.3.1 (which brought the fix to macOS 13 Ventura and macOS 12 Monterey).

Reason Two: Better Security

Second, many of the bugs Apple fixes won’t impact your experience of using your device, but they make it possible for attackers to steal information, install malware, spy on your communications, or even take over your entire device. Nearly all of Apple’s operating system updates contain security fixes to address newly discovered vulnerabilities, and some releases only have security fixes. Apple continues to release security updates for the last two versions of macOS and older versions of iOS and iPadOS as appropriate.

It’s easy to think that you won’t be impacted by security vulnerabilities, but remember that as soon as Apple releases an update outlining what it has fixed, attackers know what vulnerabilities exist in unpatched systems. Apple has to react swiftly to some reported vulnerabilities because blocking them can literally be a matter of life or death when it comes to, for instance, iPhone-using dissidents, activists, or journalists working in opposition to repressive governments that employ spyware against their enemies. (All spyware relies on previously unidentified vulnerabilities.)

However, some security vulnerabilities are more likely to impact regular users. For instance, in macOS 14.2.1, Apple fixed a bug in Screen Sharing. If you were sharing your full screen with someone else and had multiple Spaces, Screen Sharing could show the other person random windows in other Spaces, which could range from embarrassing (adult pictures) to seriously problematic (passwords or financial details).

Reason Three: New Features

Third, on the positive side, many operating system releases introduce welcome new features. When Apple unveils its next set of operating systems at the Worldwide Developer Conference in June, some of the promised features won’t appear with the initial releases. New features that shipped in later releases of macOS 14 Sonoma, iOS 17, iPadOS 17, and watchOS 10 include:

●     watchOS’s double-tap gesture for tapping the default button in many apps

●     AirDrop transfers continuing over the Internet when you move out of AirDrop range

●     Adding NameDrop to share contact info when you bring two devices near each other

●     Additional options to control when the iPhone screen shuts off in StandBy

●     The option to choose a specific album for the Lock Screen’s Photo Shuffle wallpaper

●     HomeKey support for Matter locks

●     Expanded Favorites in the Music app

●     A new automatic Favorite Songs playlist in the Music app

●     The addition of Apple’s Journal app

●     A Translate option for the Action button in the iPhone 15 Pro models

●     10-day precipitation forecasts in the Weather app

●     Sharing of eligible passes in the Wallet app via NameDrop-like proximity

●     A catch-up arrow in Messages that lets you jump to the first unread message

●     Multiple timers in the Clock app on the Mac

●     Stolen Device Protection for the iPhone

●     Collaborative playlists in Apple Music

●     Support for streaming content to TVs in select hotel rooms using AirPlay

Just Update It

Updates provide both a carrot (user-facing bug fixes and new features) and a stick (security fixes). That’s why we recommend updating soon after Apple pushes out a new release and why devices under management usually receive updates quickly. Even if a security breach is unlikely, the liability of allowing devices to remain unpatched is too high for most organizations. Installing updates is an easy way to reduce worry about things like compromised accounts and ransomware.

There are three types of operating system releases:

●     Minor bug fix and security updates: Install these as soon as convenient, usually within a few days. Examples of these include macOS 14.3 to 14.3.1.

●     Interim feature updates: Because these include bug fixes and security updates alongside the new features, you’ll also want to install these within a few days. An example is iOS 17.2.1 to iOS 17.3.

●     Major version upgrades: Because Apple always releases security updates for the two versions of macOS before the current one, you can wait a month or three before installing a major upgrade, such as from macOS 13 to macOS 14. However, once you’ve verified that your apps and workflow are compatible with the new version, we recommend upgrading because skipping a major version of macOS often results in a more difficult upgrade experience.

In each of these cases, if you’re worried about how an update might impact your workflow, check online forums for discussions of each update and feel free to ask us what we recommend for your particular situation.

(Featured image by iStock.com/Fokusiert)

Social Media: We know it seems like your Apple devices are constantly asking you to install an update. Other than for major upgrades, we recommend updating shortly after updates appear so you can take advantage of bug fixes, security updates, and new features.

Did You Know Text Entry Boxes in Web Browsers Are Easy to Expand?

Have you ever noticed the shading in the corner of text area fields in Safari, Chrome, Firefox, and most other Mac Web browsers? These “handles” let you resize the field—always vertically and sometimes horizontally. That’s handy when the website designer has provided only a small text box and you want to enter more text than will fit. Just drag the handle to make the text box the size you need. Other objects on the page move to accommodate the larger text box. If a text box doesn’t have a resize handle, the site designer doesn’t expect it to need to hold more than a single line of text.

(Featured image based on originals by iStock.com/OlgaCanals and PhotoMelon)

Social Media: If you want to enter more text than will seemingly fit in a text box on a Web page, you can use a trick to expand the box so you can see what you’re typing.

Help! My Account Has Been Hacked—What Should I Do?

How would you realize that one or more of your Internet accounts—email, social media, financial—have been hacked? (Some prefer the terms “compromised” or “breached”—you may hear them from support techs.) Unfortunately, there’s no telltale warning sign because “hacked” could mean any number of things. Here are some possible indications:

●     People you trust report receiving email that you didn’t send.

●     Social media friend requests are made to people you don’t know, or messages you don’t recognize are sent from your account.

●     Although you’re certain you have the correct password, you can’t log in to an account.

●     You become aware of your personal data appearing in places it shouldn’t.

●     Unknown charges or transfers appear in a bank or credit card account.

However, attackers will also try to fool you into thinking an account has been compromised to get you to enter passwords or financial information on a website designed to steal data. Don’t assume you’ve been hacked just because you received a phishing email saying so or because you see unexpected notifications claiming your computer is infected. No legitimate entity will ever send such email, and the only notification about malware you should ever see would come from anti-malware software you installed.

(Speaking of malware, dealing with that is a topic for another day—we’re focusing on online accounts in this article. Nonetheless, if one of your accounts has been compromised, it’s also worth scanning your Mac with the free version of Malwarebytes or VirusBarrier Scanner, just in case.)

First off, don’t panic. It’s important to take a deep breath, document everything you see with screenshots (press Command-Shift-5), and move quickly to regain control over whatever accounts were hacked and prevent others from falling prey to the attacker.

When you suspect an account has been compromised, try to verify the problem. Do the following:

●     Alert techs: If the account in question is for work, immediately alert your IT department and follow their instructions. If it’s a personal account, contact us. Tell whoever is helping you that you have screenshots you can send and be ready to forward any suspicious messages you have as well.

●     Gather evidence: Ask the person who told you about the problem to forward the message they received to another of your email addresses, or to a close friend or family member so you can see what’s being said in your name. Scrutiny of the fake message may reveal information about what has happened, though you may need help from someone with more technical experience.

●     Examine email: Since email account breaches are the most concerning (because they can be used to reset passwords elsewhere), scan your email for messages you didn’t send or replies to such messages. Along with the Inbox, look in the Sent mailbox and the Trash. Also, check your settings and filters to ensure incoming messages aren’t being forwarded elsewhere and then deleted.

●     Check social media: Connect to all your social media accounts—even those you don’t use regularly—and look for posts, friend requests, messages, or anything else that suggests an attacker has been impersonating you.

●     Audit accounts: Log in to important accounts and look for suspicious activity, such as login attempts from unfamiliar locations or IP addresses or changes to account settings.

If you find evidence to suggest that one or more of your accounts have been compromised, follow these steps:

●     Immediately change the passwords for any affected accounts. We always recommend using a password manager like 1Password to generate strong, random passwords.

●     Whenever possible, turn on two-factor authentication.

●     If available for the account in question, follow advice from the service. Apple, Facebook, Google, Instagram, Microsoft, and Twitter all have advice on how to respond, as will many other companies.

●     Review account settings for unauthorized changes, especially recovery options like backup phone numbers and email addresses.

●     Look through your accounts in your password manager and change the passwords for the most important ones and any that might be related.

●     If you can’t get into an account because the password has been changed, make sure you have sole control of your email account and then trigger a password reset.

●     For affected financial accounts, along with changing the password, immediately call the institution and ask for their help locking the account to prevent any transfers.

●     If your email account was used to send phishing messages to contacts, you should alert any friends, family, and colleagues who might have received the messages that your account was hacked and that the previous message wasn’t from you.

Security breaches are stressful, we know, but it’s imperative that you deal with them right away. The longer you wait, the more damage the attacker can cause, including stealing your money, impersonating you, scamming your friends and family, and compromising your employer’s systems. We’re here to help.

(Featured image by iStock.com/PUGUN SJ)

Social Media: If you notice strange behavior in your online accounts, you might have been hacked. It’s imperative that you act immediately to verify the breach, change passwords, lock accounts, and alert support personnel.