If you own a Mac, chances are you woke up this morning with an update notification from the App Store. You might have put aside this seemingly innocuous security update for later in the day, but take our advice: download and install it right now. Yes, I mean right this very second. Hit the update button.
Why? Because this is the same security update that hit iOS last week — the one that fixed vulnerabilities which could allow hackers to read your messages, trace your calls, collect your passwords and even track your location.
In order to download and install the update, open the App Store, tap on the Updates icon in the menu bar and click on the Update button on the right side of the screen. Save anything you were working on and restart your computer.
Additionally, if you have an iPhone and haven’t updated yet, either head to Settings > General > Software Update on your iOS device, or plug the device into your computer, at which point iTunes will alert you that an update is available.
The “Trident” vulnerabilities were originally discovered by Lookout and Citizen Lab late last month. These vulnerabilities were taken advantage of with a mobile espionage product called Pegasus. A single Pegasus license could cost hundreds of thousands of dollars, so the chances of an average mobile device user being hacked is slim, but it’s certainly not a risk worth taking.
It’s still unclear why Apple waited this long to release the security update for OS X El Capitan and Yosemite, and why it hasn’t urged users to update.