Apple released several emergency security updates on Wednesday to fix a zero-day vulnerability that had already been exploited in advanced cyberattacks against its devices.
According to notes shared by Apple’s support team, the patch has been issued for iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS. The company said the flaw, named CVE-2026-20700, could allow attackers to run malicious code on affected devices if successfully exploited.
Google’s Threat analysis found that CVE-2026-20700 causes memory corruption in dyld, Apple’s Dynamic Link Editor. The group of cybersecurity researchers has warned that hackers capable of writing to device memory could use the flaw to execute arbitrary commands. Apple’s internal security team worked with the security analysts during the investigation.
“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26,” the company said in a security advisory.
Zero-day flaw had already executed targeted attacks, Google report says
According to Apple’s patch notes, the zero-day bug was part of a set of vulnerabilities that had previously been identified and addressed. Two related flaws, CVE-2025-14174 and CVE-2025-43529, were fixed in late December.
At the time, Cryptopolitan reported that these earlier vulnerabilities were affecting WebKit, the engine that powers Apple’s Safari browser and all third-party browsers on iOS and iPadOS.
The CVE-2025-14174 flaw involved an out-of-bounds memory access issue in ANGLE’s Metal renderer component. Metal is Apple’s hardware-accelerated graphics and compute framework.
On the other hand, CVE-2025-43529 hailed from a use-after-free vulnerability in WebKit. Cyber attackers could exploit the issue via specially crafted web content that enables code execution on a victim’s device.
One critical issue involved the CoreMedia framework, which handles audio and video processing. Hackers could take control of a user’s CoreMedia by sending maliciously crafted files to targeted iPhones. When processed, these files could trigger denial-of-service conditions or expose private data from the phone’s memory.
The vulnerabilities had likely been deployed in targeted spyware campaigns on activists, journalists, or government officials, Google’s analysis confirmed.
Apple notes lists devices eligible for updates
Apple’s latest security updates apply to both current and older devices, on multiple platforms. The company released iOS 26.3 and iPadOS 26.3 for iPhone 11 and later models, as well as several generations of iPads.
Mac computers running macOS Tahoe received version 26.3 updates, while Apple TV models gained tvOS 26.3. Apple Watch Series 6 and newer devices received watchOS 26.3.
Apple also issued visionOS 26.3 updates for all Vision Pro headsets, while older devices received patches through updates such as iOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, and Safari 26.3.
Apple said the problem has been resolved through improved memory management in the latest iOS release.
Other patched vulnerabilities were made on core system areas, including Game Center, ImageIO, the operating system kernel, and Apple’s Live Caption, Photos, Spotlight, Shortcuts, and StoreKit.
Siri feature upgrades delayed after failed tests
The security updates come as Apple struggles to upgrade its Siri voice assistant. The iPhone manufacturer was planning to launch Siri’s new features in the upcoming software release scheduled for March.
However, testing problems have forced Apple to reconsider the timeline, people familiar with the matter said. Some features are now expected to be delayed until later updates.
Apple initially planned to include the enhanced Siri capabilities in iOS 26.4. Although the update’s March release timeline has not changed, some functions will be excluded. Engineers are now testing the new features in iOS 26.5, expected to arrive in May, while more upgrades could be postponed further until iOS 27 in September.
During its first unveiling in June 2024, Siri was shown analyzing on-screen content and offering more precise voice control across both Apple and third-party applications. Apple had originally planned to deliver these features by early 2025, but that timeline was later pushed to an unspecified date in 2026.
Source: https://www.cryptopolitan.com/apple-ships-updates-after-exploitation/
