Apple has released watchOS 7.6.2 with an important security fix for Apple Watch Series 3 and later. The update patches a flaw that was actively exploited so it is recommended that users update immediately to the watchOS 7.6.2.
What’s new in watchOS 7.6.2?
The new software update contains an important security fix for CoreGraphics in Apple Watch Series 3 and later. The flaw could allow a malicious PDF to be used for arbitrary code execution. As per Apple, the security flaw was already exploited in the wild so it is important that users update immediately to stay safe.
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An integer overflow was addressed with improved input validation.
CVE-2021-30860: The Citizen Lab
This vulnerability allowed hackers to bypass BlastDoor security that Apple implemented in the iMessage app in iOS 14. Security fixes have also been released for iOS 14 and macOS Big Sur to fix this flaw.
The previous update, watchOS 7.6.1, also fixed a security flaw in IOMobileFrameBuffer which was actively exploited by NSO’s Pegasus spyware which was used to hack journalists, human rights activists, and government officials around the world.
How to upgrade to watchOS 7.6.2
To upgrade to watchOS 7.6.2, place your Apple Watch on its wireless charger and make sure that it has more than 50% charge. Open the Watch app on your paired iPhone and go to Settings > General > Software Update. From here, you can initiate watchOS 7.6.2 download and installation.
The next upcoming Apple Watch update is watchOS 8 which should be available in the next few days. It features new workouts, watch faces, health features, app updates, and more.