iOS 26.3 and macOS 26.3 Fix Dozens of Vulnerabilities, Including Zero-Day

Source: Hacker News

Apple today released iOS 26.3, iPadOS 26.3, and macOS Tahoe 26.3, all of which largely focus on bug fixes and security improvements. Apple says that the updates address dozens of vulnerabilities, including one that is known to have been actively exploited.

That vulnerability in the dyld dynamic link editor could allow for the execution of arbitrary code, and Apple says the bug may have been exploited in an “extremely sophisticated attack” against targeted individuals on versions of iOS before iOS 26. An attacker with memory‑write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.

Apple says the memory‑corruption issue was fixed with improved state management. Numerous other vulnerabilities were also fixed across iOS, iPadOS, macOS, and Apple’s other platforms that saw updates released today.

Now that these vulnerabilities have been publicized by Apple, even those that were not previously exploited might be taken advantage of. Apple recommends all users update their devices to iOS 26.3, iPadOS 26.3, and macOS Tahoe 26.3 as soon as possible.