If you haven't updated your iPhone this week, do it now.
The latest version of the Apple iPhone operating system, iOS 9.3.3, as well as OS X 10.11.16 for computers, tvOS 9.2.2 for Apple TV and watchOS 2.2.2 for Apple Watches patches a vulnerability that could let someone hack your phone with a corrupted image file, 9to5 Mac reported. In other words, if you don't update your equipment, a basic text message could put your passwords, photos and other data in danger.
The issue was recently uncovered by Cisco Talos, a threat intelligence organization. It found that a vulnerability in Apple's Image I/O API system allows the way that a certain TIFF file, a kind of image, is rendered to be hijacked. That means any app on your phone that uses the Image I/O API system could be at risk — Messages, Mail, Safari, et cetera, the Guardian reported.
In some cases, you don't even have to open the file. You might not even know your phone was exposed, according to Digital Trends.
"Image files are an excellent vector for attacks since they can be easily distributed over web or email traffic without raising the suspicion of the recipient," Cisco Talos wrote in a blog post this week. "Furthermore, depending on the delivery method chosen by an attacker, this vulnerability is potentially exploitable through methods that do not require explicit user interaction since many applications (i.e. iMessage) automatically attempt to render images when they are received in their default configurations."
Many tech experts compared the TIFF issue to an Android bug called Stagefright, which exposed 95 percent of users to hacks through a flaw in the way certain multimedia messages were downloaded. Similarly, this new iPhone vulnerability can affect anyone not running the latest iOS and OS software — a minimum of about 97 million devices, according to Quartz.
To make sure your phone, is running the latest software, you can go to Settings > General > Software Update and click "download and install."