Update Now: iOS 26.2 Fixes 20+ Security Vulnerabilities

by

Apple today released iOS 26.2, iPadOS 26.2, and macOS 26.2, all of which introduce new features, bug fixes, and security improvements. Apple says that the updates address over 20 vulnerabilities, including two bugs that are known to have been actively exploited.

bug security vulnerability issue fix larry
There are a pair of WebKit vulnerabilities that could allow maliciously crafted web content to execute code or cause memory corruption. Apple says that the bugs might have been exploited in an attack against targeted individuals on versions of iOS before iOS 26.

Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.

Processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.

One of the WebKit bugs was fixed with improved memory management, while the other was addressed with improved validation.

There are several other vulnerabilities that were fixed too, across apps and services. An App Store bug could allow users to access sensitive payment tokens, processing a malicious image file could lead to memory corruption, photos in the Hidden Album could be viewed without authentication, and passwords could be unintentionally removed when remotely controlling a device with FaceTime.

Now that these vulnerabilities have been publicized by Apple, even those that were not exploited before might be taken advantage of now. Apple recommends all users update their devices to iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2 as soon as possible.

Related Roundups: iOS 26, iPadOS 26
Related Forum: iOS 26

Popular Stories

iOS 26

Apple Releases iOS 26.3 and iPadOS 26.3

Wednesday February 11, 2026 10:07 am PST by
Apple today released iOS 26.3 and iPadOS 26.3, the latest updates to the iOS 26 and iPadOS 26 operating systems that came out in September. The new software comes almost two months after Apple released iOS 26.2 and iPadOS 26.2. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. According to Apple's release notes, ...
Read Full Article90 comments
m5 macbook pro deal

Why You Shouldn't Buy the Next MacBook Pro

Tuesday February 10, 2026 4:27 pm PST by
Apple is planning to launch new MacBook Pro models as soon as early March, but if you can, this is one generation you should skip because there's something much better in the works. We're waiting on 14-inch and 16-inch MacBook Pro models with M5 Pro and M5 Max chips, with few changes other than the processor upgrade. There won't be any tweaks to the design or the display, but later this...
Read Full Article243 comments
M3 iPad Air

Apple's Next Two Products Are Coming Soon

Thursday February 12, 2026 11:17 am PST by
Apple plans to release an iPhone 17e and an iPad Air with an M4 chip "in the coming weeks," according to the latest word from Bloomberg's Mark Gurman. "Apple retail employees say that inventory of the iPhone 16e has basically dried out and the iPad Air is seeing shortages as well," said Gurman. "I've been expecting new versions of both (iPhone 17e and M4 iPad Air) in the coming weeks."...
Read Full Article
Apple Logo Black

Apple Acquires New Database App

Wednesday February 11, 2026 6:44 am PST by
Apple acquired Canadian graph database company Kuzu last year, it has emerged. The acquisition, spotted by AppleInsider, was completed in October 2025 for an undisclosed sum. The company's website was subsequently taken down and its Github repository was archived, as is commonplace for Apple acquisitions. Kuzu was "an embedded graph database built for query speed, scalability, and easy of ...
Read Full Article33 comments
iPhone 16e Bottom Crop

Apple Reportedly Unveiling a New iPhone Next Week

Tuesday February 10, 2026 1:51 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report said the iPhone 17e will be announced in a press release on the Apple Newsroom website, so do not expect an event for this device specifically. The iPhone 17e will be a spec-bumped successor to the iPhone 16e. Rumors claim the device will have four key...
Read Full Article

Top Rated Comments

turbineseaplane Avatar
turbineseaplane
9 weeks ago
This is so predictable ..

Better not stay behind ... we just found a very scary vulnerability (amazing timing!).. so scary, we won't fix it anywhere else .. you have to come get it on FisherPriceOS 26.2
Score: 31 Votes (Like | Disagree)
HouseLannister Avatar
HouseLannister
9 weeks ago

Every OS upgrade regardless of platform does this, or not?
Android is so componentized that individual parts of the OS are patched daily. The OS is updated quarterly just like Apple, but those are feature updates and not security patches. Meanwhile Apple delays releasing security fixes for weeks that are being actively exploited because they are also trying to make a transparency slider for the clock and can't do those two things separately. In the last 24 hours, my Pixel has updated the Phone app, the Google app, Google Drive, Google Translate, Voice Access, Android AICore, Google Messages, Gboard, Pixel Camera, and Google Wallet. And that's a pretty typical day. The security is outstanding on Android because of how they structured their OS and the flexibility it gives them.
Score: 21 Votes (Like | Disagree)
jz0309 Avatar
jz0309
9 weeks ago
THAT is why I update, not for the features that have been described so many times here.
But that's just me
Score: 15 Votes (Like | Disagree)
Diopter Avatar
Diopter
9 weeks ago
And some of the security fixes were included in 18.7.3 too...

But so far 18.7.3 hasn't been released for iPhones that are capable of upgrading to iOS 26, even if they're still on 18.7.2. It's currently only available to devices that can't upgrade to iOS 26.

I hope that's a temporary error and not a deliberate move by Apple to force users to update to iOS 26.
Score: 15 Votes (Like | Disagree)
B
Biro
9 weeks ago
“Even with our annoying alerts, you people won’t “upgrade” to our buggy and unattractive iOS/iPadOS/MacOS 26! So we’ve found some security vulnerabilities that will end your life if you don’t “upgrade” right now. So everybody in the pool!”

Jeez, I predicted this a number of times since 26 came out. The same as it ever was. So what’s worse… the security vulnerabilities or the bugs still in 26? ???

EDIT: Apple’s notes read thusly… “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.”

Okay… then where is the 18.7.3 update? The only way to protect ourselves is to go with 26.2? Give me a break.
Score: 12 Votes (Like | Disagree)
J
jgba
9 weeks ago
In other words, if you're still on Sequoia, switch to another browser (Firefox is good). Stop using Safari.

Because, guess what: even though they updated Sequoia today, it does not include fixes for these "actively exploited" vulnerabilities, according to Apple's "security content" notes. Gee, thanks.

edit: I didn't see Safari 26.2 for Sequoia listed in the security content list, so maybe I missed it, but it's now there and lists these fixes, so please disregard this post.
Score: 12 Votes (Like | Disagree)
Read All Comments