Update Now: iOS 26.2 Fixes 20+ Security Vulnerabilities

by

Apple today released iOS 26.2, iPadOS 26.2, and macOS 26.2, all of which introduce new features, bug fixes, and security improvements. Apple says that the updates address over 20 vulnerabilities, including two bugs that are known to have been actively exploited.

bug security vulnerability issue fix larry
There are a pair of WebKit vulnerabilities that could allow maliciously crafted web content to execute code or cause memory corruption. Apple says that the bugs might have been exploited in an attack against targeted individuals on versions of iOS before iOS 26.

Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.

Processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.

One of the WebKit bugs was fixed with improved memory management, while the other was addressed with improved validation.

There are several other vulnerabilities that were fixed too, across apps and services. An App Store bug could allow users to access sensitive payment tokens, processing a malicious image file could lead to memory corruption, photos in the Hidden Album could be viewed without authentication, and passwords could be unintentionally removed when remotely controlling a device with FaceTime.

Now that these vulnerabilities have been publicized by Apple, even those that were not exploited before might be taken advantage of now. Apple recommends all users update their devices to iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2 as soon as possible.

Related Roundups: iOS 26, iPadOS 26
Related Forum: iOS 26

Popular Stories

Touchscreen MacBook Feature

Apple Is Expected to Launch These Four MacBooks in 2026

Friday January 9, 2026 8:17 am PST by
2026 could be a bumper year for Apple's Mac lineup, with the company expected to announce as many as four separate MacBook launches. Rumors suggest Apple will court both ends of the consumer spectrum, with more affordable options for students and feature-rich premium lines for users that seek the highest specifications from a laptop. Below is a breakdown of what we're expecting over the next ...
Read Full Article108 comments
iPhone Top Left Hole Punch Face ID Feature Purple

10 Reasons to Wait for This Year's iPhone 18 Pro

Thursday January 8, 2026 2:56 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article75 comments
proposed unicode emoji 18%402x

Squinting Face, Pickle, and Lighthouse Among New Emoji Coming to iOS

Friday January 9, 2026 4:24 am PST by
The Unicode Consortium has published a draft list of emoji that could come to smartphones and other devices in the future. The list shared by Emojipedia outlines 19 emoji candidates under consideration for Emoji 18.0, which is expected to be finalized in September 2026. Among the proposed additions are a squinting face emoji, left- and right-pointing thumb gestures, a pickle, a lighthouse, a ...
Read Full Article81 comments
apple homekit ios 18 5

Apple Reminding Users of Pending Home App Upgrade Requirement

Friday January 9, 2026 10:08 am PST by
Back in late 2022 and early 2023, Apple rolled out a new architecture for its Apple Home platform to deliver improved performance and compatibility, although the rollout came with some hiccups that forced Apple to pull and later re-release the upgrade. Three years later, Apple is now on the verge of ending support for the old version of the Home architecture, which may result in access to...
Read Full Article86 comments
grok logo purple gradient

U.S. Senators Ask Apple and Google to Remove X and Grok Apps Over Sexualized Image Generation

Friday January 9, 2026 9:43 am PST by
In a letter to Apple CEO Tim Cook and Google CEO Sundar Pichai, U.S. Senators Ron Wyden, Ben Ray Lujan, and Edward Markey have requested that Apple and Google remove X Corp's X and Grok apps from their app stores over recent incidents of "mass generation of nonconsensual sexualized images of women and children." X has come under fire over the past week amid reports of Grok's AI image...
Read Full Article435 comments
iOS 26 Glass Feature

iOS 26 Shows Unusually Slow Adoption Months After Release

Thursday January 8, 2026 3:44 pm PST by
iOS 26 is showing unusually slow adoption among iPhone users months after release, according to third-party analytics. Usage data published by StatCounter (via Cult of Mac) for January 2026 indicates that only around 15 to 16% of active iPhones worldwide are running any version of iOS 26. The breakdown shows iOS 26.1 accounting for approximately 10.6% of devices, iOS 26.2 for about 4.6%, and ...
Read Full Article503 comments
iphone fold text

iPhone Fold to Pave Way for Thinner, Brighter Display on iPhone Air 2

Friday January 9, 2026 3:37 am PST by
The iPhone Fold will be the first Apple device to adopt a Samsung-made OLED technology called CoE (Color Filter on Encapsulation), which could make the display brighter and thinner than previous panels, reports The Elec. In a traditional OLED panel, a polarizing film sits above the display to cut reflections and improve contrast. The drawback is that this film also absorbs some of the OLED's ...
Read Full Article60 comments

Top Rated Comments

turbineseaplane Avatar
turbineseaplane
4 weeks ago
This is so predictable ..

Better not stay behind ... we just found a very scary vulnerability (amazing timing!).. so scary, we won't fix it anywhere else .. you have to come get it on FisherPriceOS 26.2
Score: 31 Votes (Like | Disagree)
HouseLannister Avatar
HouseLannister
4 weeks ago

Every OS upgrade regardless of platform does this, or not?
Android is so componentized that individual parts of the OS are patched daily. The OS is updated quarterly just like Apple, but those are feature updates and not security patches. Meanwhile Apple delays releasing security fixes for weeks that are being actively exploited because they are also trying to make a transparency slider for the clock and can't do those two things separately. In the last 24 hours, my Pixel has updated the Phone app, the Google app, Google Drive, Google Translate, Voice Access, Android AICore, Google Messages, Gboard, Pixel Camera, and Google Wallet. And that's a pretty typical day. The security is outstanding on Android because of how they structured their OS and the flexibility it gives them.
Score: 21 Votes (Like | Disagree)
jz0309 Avatar
jz0309
4 weeks ago
THAT is why I update, not for the features that have been described so many times here.
But that's just me
Score: 15 Votes (Like | Disagree)
Diopter Avatar
Diopter
4 weeks ago
And some of the security fixes were included in 18.7.3 too...

But so far 18.7.3 hasn't been released for iPhones that are capable of upgrading to iOS 26, even if they're still on 18.7.2. It's currently only available to devices that can't upgrade to iOS 26.

I hope that's a temporary error and not a deliberate move by Apple to force users to update to iOS 26.
Score: 15 Votes (Like | Disagree)
Biro Avatar
Biro
4 weeks ago
“Even with our annoying alerts, you people won’t “upgrade” to our buggy and unattractive iOS/iPadOS/MacOS 26! So we’ve found some security vulnerabilities that will end your life if you don’t “upgrade” right now. So everybody in the pool!”

Jeez, I predicted this a number of times since 26 came out. The same as it ever was. So what’s worse… the security vulnerabilities or the bugs still in 26? ???

EDIT: Apple’s notes read thusly… “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.”

Okay… then where is the 18.7.3 update? The only way to protect ourselves is to go with 26.2? Give me a break.
Score: 12 Votes (Like | Disagree)
jgba Avatar
jgba
4 weeks ago
In other words, if you're still on Sequoia, switch to another browser (Firefox is good). Stop using Safari.

Because, guess what: even though they updated Sequoia today, it does not include fixes for these "actively exploited" vulnerabilities, according to Apple's "security content" notes. Gee, thanks.

edit: I didn't see Safari 26.2 for Sequoia listed in the security content list, so maybe I missed it, but it's now there and lists these fixes, so please disregard this post.
Score: 12 Votes (Like | Disagree)
Read All Comments