Skip to content
Apple just pushed dozens of critical security updates, going all the way back to 2015 iPhones

Apple just pushed dozens of critical security updates, going all the way back to 2015 iPhones

Summary created by Smart Answers AI

In summary:

  • Apple released iOS 26.5 with 52 critical security vulnerability fixes, plus updates for older iOS versions dating back to 2015 iPhones.
  • Macworld reports that patches address networking, Wi-Fi, and WebKit issues, with no vulnerabilities currently exploited in the wild.
  • Users should update immediately as fixes include preventing IP tracking and unauthorized data access across all supported devices.

Apple always has at least a few security updates in its iOS point releases. While the number of security fixes in each release varies, it used to be uncommon to see more than 20 vulnerabilities addressed.

The last few iOS releases have seen a surge in security updates, and the new iOS 26.5 update is no exception. In fact, with a whopping 52 listed security vulnerabilities fixed (including a single WebKit patch that addresses nine CVE entries) it stands out even among the more recent iOS updates.

While many of the vulnerabilities sound like they could be quite serious, Apple has not noted that any of them have been deployed and used in the wild yet. Other OS versions, from macOS to tvOS and watchOS, feature dozens of fixes in the 26.5 release as well.

If you’re not yet on iOS 26, there are still some updates for you that address many of the same serious vulnerabilities. Those still on iOS/iPadOS 18 will find an 18.7.9 update waiting for them. If you have an older device and are on iOS or iPadOS 16, you’ll see version 16.7.16. There’s even a 15.8.8 update for devices going all the way back to the iPhone 6s; it’s eleven years old and still getting critical security updates.

You can read more about the specific vulnerabilities addressed in these updates on the Apple Security Releases page. Among the notable security updates:

Networking

  • Impact: An attacker may be able to track users through their IP address
  • Description: This issue was addressed through improved state management.
  • CVE-2026-28906: Ilya Sc. Jowell A.

Screenshots

  • Impact: An attacker with physical access may be able to use Visual Intelligence to access sensitive user data during iPhone Mirroring
  • Description: A privacy issue was addressed by removing the vulnerable code.
  • CVE-2026-28963: Jorge Welch

Status Bar

  • Impact: An app may be able to capture a user’s screen
  • Description: An issue with app access to camera metadata was addressed with improved logic.
  • CVE-2026-28957: Adriatik Raci

Wi-Fi

  • Impact: An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets
  • Description: A use after free issue was addressed with improved memory management.
  • CVE-2026-28994: Alex Radocea

iOS 26.5 is more than just security fixes; it adds a handful of new features, such as RCS encryption (beta) and suggested places in Maps. We have another article explaining all the changes in iOS 26.5.

Source link

Related posts:

Default ThumbnailApple just delivered critical security updates to billions of devices PSA: Dozens of critical security updates are waiting for your iPhone and MacPSA: Dozens of critical security updates are waiting for your iPhone and Mac Apple releases security updates for macOS Sonoma and VenturaApple releases security updates for macOS Sonoma and Ventura Update now! iOS 26.3 contains dozens of critical security fixesUpdate now! iOS 26.3 contains dozens of critical security fixes
Tags: