How likely is it for the bad guys to exploit our phones if we dont update to the latest iOS ASAP?

[wirtandi]

Just curious, I am a relatively new Apple customer. Just how likely is it for our phones to be hacked if we dont update to the latest iOS containing the fix for "serious security vulnerability"?

Surely its almost impossible for us to be hacked if we visit big, well known websites, being careful with what we download, and just using common sense in general, right?

I mean I do want to update quickly but I also know there are reports that software updates ruin people's phones so I prefer to wait 1 week or so.

 

[barbu]

It’s fine to wait a week before updating. The chances of an update ruining your phone are remote, but not as remote as being affected by Pegasus malware etc. Unless you are a a very interesting person, you will almost certainly not be a target.
pegasus does not require you to do anything to infected, so your browsing habits won’t likely affect things at all.
Common sense won’t protect you though. Nation state tooling can pwn your phone pretty much at will.

 

[KaliYoni]

Surely its almost impossible for us to be hacked if we visit big, well known websites, being careful with what we download, and just using common sense in general, right?

Not necessarily. First, ad banners can be an attack pathway, even on "big, well known websites", because ad space is commonly sold and filled by companies that have no affiliation with a website or the website's primary ad supplier. In other words, the ad space on your favorite website may be managed by Google's ad network. And in turn, Google may fill the space with ads Google sold or with ads sold by other ad networks, many of which are unscrupulous or uncaring about security.

Second, security exploits often take advantage of your connections to other people. It's pretty easy to reflexively click on a link or open an email attachment that appears to have been sent by somebody you know well or trust.

Finally, I think "common sense" is highly variable in both meaning and application across people. Perhaps the most relevant example right now is face masks. Some people feel it is simply common sense to wear a mask in crowded indoor spaces. Other people feel it is simply common sense that wearing masks in crowded indoor spaces is not necessary anymore. Different people have different attitudes and sensitivity about danger.

So, my advice on installing updates is that it is best to do so as soon as you feel comfortable that Apple has not released a buggy update. In the case of zero-day exploits, as with this most current iOS and iPadOS update, the risk of not updating quickly often outweighs the risk of downloading a buggy update.

 

[addamas]

I hope Apple will finally allow to update using network data (not Wifi / iTunes) because it a joke that you have to ask someone for tether when you are outside of WiFi hotsposts

 

[Puonti]

I hope Apple will finally allow to update using network data (not Wifi / iTunes) because it a joke that you have to ask someone for tether when you are outside of WiFi hotsposts

You can do that with 5G iPhones and iPads, which probably means Apple is not going to allow it on non-5G models. It has an Apple-y kind of logic to it.

 

[Isamilis]

Just curious, I am a relatively new Apple customer. Just how likely is it for our phones to be hacked if we dont update to the latest iOS containing the fix for "serious security vulnerability"?

Surely its almost impossible for us to be hacked if we visit big, well known websites, being careful with what we download, and just using common sense in general, right?

I mean I do want to update quickly but I also know there are reports that software updates ruin people's phones so I prefer to wait 1 week or so.

Very unlikely tbh. I usually upgrade due to new features (compatibility with particular apps) and (recently) privacy.