.png){kind=logo}
Apple has launched iOS 26.2 with an uncommon warning to update iPhones right away. According to the tech company, the new update fixes 26 bugs in iOS, two of which have been exploited in cyberattacks.
Apple described how these two vulnerabilities being exploited are linked to WebKit, a browser engine used in all versions of iOS and Safari browsers. The vulnerability, identified under CVE-2025-43529 and CVE-2025-14174, can allow an attacker to execute malicious code if a user interacts with a specially designed web page. Apple explained that these two bugs have ‘potentially been used in very sophisticated attacks on individual targets’ in versions of iOS before iOS 26.
As part of a security playbook, Apple hasn’t released much information about vulnerabilities to give consumers time to update before an attack can reverse-engineer a patch.
iOS 26.2 patches another critical vulnerability, CVE-2025-46285, in the kernel level. Exploitation of this loophole can allow an application to gain root access, giving complete control over the device.
“If an attacker gains ‘root access’, they own the phone,” says Javvad Malik, a leading CISO advisor with KnowBe4, noting how attackers will quickly exploit newly discovered vulnerabilities.
Also Read: iOS 26.2 Security Update Fixes Data Exposure and System Privilege Risks
The news comes after Apple confirmed a sophisticated attack on iPhones by spyware, warning affected users in over 80 countries. The spyware in question is usually meant for journalists, dissidents, and other high-risk targets, with access to messages, calls, and microphones, including encrypted apps.
As a precautionary measure against spyware, Hagai says one should immediately update, lock down mode on, and be vigilant about unusual activity.
Many security observers wondered why Apple took a long time to release an iOS 26.2 fix rather than an immediate iOS 26.1.1 update. The answer lies in Background Security Improvements of iOS 26.1, where these security measures were applied in quiet mode before release.
Apple launched iOS 18.7.3, macOS Tahoe 26.2, watchOS 26.2, tvOS 26.2, and visionOS 26.2. Experts advise Apple users to update their devices immediately. This can be done by manually checking Settings > General > Software Update and updating to iOS 26.2 or iOS 18.7.3.
