iOS 26.2 rectifies 26 vulnerabilities in Apple’s software, including two currently exploited in attacks.
Apple iPhone
Update Dec. 14: This article has been refreshed to incorporate expert insights on the flaws addressed in iOS 26.2 and additional updates, as well as spyware guidance and the absence of iOS 26.1.1.
Apple has launched iOS 26.2, urging users to update their iPhones promptly. This update addresses 26 security flaws, with two already being exploited in actual attacks.
While Apple has been tight-lipped on specifics, they confirmed that iOS 26.2 remedies two vulnerabilities in WebKit, the engine behind Safari, which may have been exploited in high-level targeted attacks on earlier iOS versions. These issues are labeled CVE-2025-43529 and CVE-2025-14174. If a user interacts with malicious web content, these vulnerabilities could lead to arbitrary code execution.
iOS 26.2 and Spyware Alerts
The iOS 26.2 release coincides with Apple’s alerts about increasing spyware threats. These notifications were sent to users in over 80 countries, emphasizing that specific groups, such as dissidents and journalists, face targeted malware threats.
Protecting Against Spyware
Common signs of spyware include rapidly heating devices, sluggish performance, or unfamiliar apps appearing. Experts suggest that if spyware is suspected, the best action may be to switch to a different device. However, restarting the iPhone can temporarily disrupt the malware if it has infiltrated.
The Urgency to Update to iOS 26.2
iOS 26.2 introduces enhanced security features, including updates to Enhanced Safety Alerts, and new functionalities like Liquid Glass options, podcast improvements, and offline lyrics support in Apple Music. Given that the patched vulnerabilities were previously exploited in older OS versions, immediate updating is essential.
So don’t delay! Navigate to your Settings > General > Software Update to get iOS 26.2 or iOS 18.7.3 without delay.
