iOS updates are typically filled with minor bug fixes and low-priority security patches. Not this time. While Apple isn't likely to advertise the fact that its mobile software had some scary vulnerabilities in the first place, today's iOS 10.2.1 update includes patches for security holes that could potentially leak all your personal info or give someone complete control over your device. You'll want to update immediately on any iPhone, iPad and iPod touch you own.
Apple describes two of the newly-patched vulnerabilities as preventing a case where "an application [could] execute arbitrary code with kernel privileges," meaning an app could gain low-level access and inject all the malicious software it wants on your iDevice. 11 of the vulnerabilities focus on Apple's WebKit browser engine: They don't sound any less frightening, with descriptions like "processing maliciously crafted web content may lead to arbitrary code execution" (clicking on the wrong web content could give hackers access to off-limits areas).
While iOS exploits have led to numerous jailbreaks (hacks which let the user install unapproved apps from outside of the App Store) created by trusted modding community members, these same vulnerabilities – like those patched today – could allow a less-trusted intruder to collect personal data, install spyware or render your device useless.
The good news is there's no evidence that any malicious parties have access to the exploits, as Apple was notified privately by advanced security experts, including nine reported from Google's Project Zero. Still, better safe than sorry: Go to Settings > General > Software Update while on Wi-Fi to start the update process.