iPhone, Android Users Issued 3 Week Deadline To Update Phones – Forbes
All smartphone users must update nowSo, this is interesting. Whether you’re an iPhone or Android user, you need to update your phone right away. Google and Apple have warned that attacks are underway, both quickly releasing critical security updates. Now there are 3 week deadlines to install those updates to ensure you are protected from the new attacks.The 3 week deadlines come by way of America’s cyber defense agency, and they’re already underway. It’s a legal mandate for all federal employees to update or stop using unpatched phones, but it also applies more broadly. CISA says it operates “to help every organization better manage vulnerabilities and keep pace with threat activity,” and it has issued an alert “strongly urging all organizations to reduce their exposure to cyberattacks” through the “timely remediation” of these exploited vulnerabilities. CISA says if you can’t update your phone by the deadline, you should stop using it until you can.Android’s update mandate was issued on February 5th after Google advised “CVE-2024-53104 may be under limited, targeted exploitation.” Phones should be updated by February 26th. The update is out for Pixels albeit not yet others. Update as soon as you can. iPhone users were also issued an update mandate on February 12th and must do so by March 5th, with Apple warning CVE-2025-24200 “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”The attacks against both Androids and iPhones follow a similar theme. While Google gave little away, security specialist GrapheneOS attributed the new attacks to “one of the USB bugs exploited by forensic data extraction tools.”The iPhone threat is similar, with Apple describing it as “a physical attack [that] may disable USB Restricted Mode on a locked device.” That restriction is designed to frustrate physical forensics tools plugged into phones to extract data. It kicks in when an iPhone has been locked for an hour or more. There’s a quiet battle taking place between phone manufacturers and forensic tool providers, as seen when iPhones “mysteriously rebooted” when pulled out of police storage lockers.The fix is simple for iPhone users. Just make sure your phone is updated to iOS 18.3.1 at a minimum. Pixel users have also now been issued a fix with Android’s February update. The situation for Samsung is more complex. The fix was not included in their own February update, albeit it may be rolling out behind the scenes. But that has not been officially confirmed, and so the deadline will be missed.If the optics of Android and iPhone users being under simultaneous U.S. government update mandates is not bad enough, Windows users have also joined the zero day party. This is less unusual, as zero-days have become a running theme with Microsoft’s Patch Tuesday updates for several months running now.Just as with iPhones and Androids, Windows 10 and Windows 11 users also have a CISA deadline to hit or stop using PCs. In this case, that’s March 4th. There are two Windows vulnerabilities under attack, one impacts storage, risking a device being destabilized. The other is likely combined with other exploits to elevate an attacker’s privileges and potentially enable them to hijack a device.Whatever combination of Androids, iPhones or PCs you’re running, just make sure you update all your devices as soon as you can. You have been warned.One Community. Many Voices. Create a free account to share your thoughts. Our community is about connecting people through open and thoughtful conversations. We want our readers to share their views and exchange ideas and facts in a safe space.In order to do so, please follow the posting rules in our site’s Terms of Service. We’ve summarized some of those key rules below. Simply put, keep it civil.Your post will be rejected if we notice that it seems to contain:User accounts will be blocked if we notice or believe that users are engaged in:So, how can you be a power user?Thanks for reading our community guidelines. Please read the full list of posting rules found in our site’s Terms of Service.
