Apple has just dropped a highly urgent security update for iPhones, with iOS 26.3 (and iPadOS 26.3) addressing 39 security vulnerabilities — including a serious zero-day flaw (CVE-2026-20700) that has already been actively exploited in the wild. Released on February 11, 2026, this patch targets a memory corruption issue in Apple’s Dynamic Link Editor (dyld), which could allow attackers with certain capabilities to execute arbitrary code on your device.
Apple’s own advisory states that this vulnerability “may have been exploited in an extremely sophisticated attack against specific targeted individuals” on versions of iOS prior to iOS 26. Experts and security reports emphasize that this is no routine update — it’s designed to block real-world spyware and targeted threats, making immediate installation essential for anyone on a compatible device.
Which iPhones Are Affected and Need This Update Now?
The iOS 26.3 update applies to iPhone 11 and later models, including:
- iPhone 11 series (11, 11 Pro, 11 Pro Max)
- iPhone 12 series (including 12 mini)
- iPhone 13 series (including 13 mini)
- iPhone 14 series (including 14 Plus)
- iPhone 15 series (including 15 Plus)
- iPhone 16 series
- iPhone 17 series and Air (2025/2026 models)
- iPhone SE (2nd generation and later)
If your iPhone falls into this group and you’re running anything older than iOS 26.3 (such as iOS 26.2, 26.2.1, or earlier branches), you’re potentially exposed. Apple has confirmed the zero-day was exploited on pre-iOS 26 versions, and the broader set of 39 fixes covers issues in components like WebKit (Safari engine), kernel, Photos, Accessibility, and more — many of which could lead to arbitrary code execution, information disclosure, denial-of-service, or privacy leaks.
Older models (like iPhone XS, XR, or earlier) that can’t run iOS 26 receive separate security patches (e.g., iOS 18.7.5 or legacy branches), but they aren’t the primary focus of this urgent “update now” push.
Why This Update Is So Critical in February 2026
- Actively exploited zero-day: CVE-2026-20700 is the first confirmed zero-day patched by Apple in 2026, following nine in-the-wild exploits from 2025. It enables attackers to run malicious code, potentially installing spyware, stealing data, or gaining persistent access.
- Targeted attacks: Apple explicitly notes sophisticated, individualized targeting — often linked to advanced spyware campaigns (similar to past Pegasus-style threats).
- No new flashy features: This release is security-heavy with minimal user-facing changes, underscoring its emergency nature.
- Broader ecosystem patches: Equivalent fixes rolled out for iPadOS 26.3, macOS Tahoe 26.3, watchOS 26.3, tvOS 26.3, visionOS 26.3, and Safari 26.3.
Security researchers from Google Threat Analysis Group (who discovered the flaw) and others urge everyone on supported hardware to update without delay.
How to Update Your iPhone Immediately
- Open Settings on your Apple device.
- Tap General > Software Update.
- If iOS 26.3 is available, tap Download and Install (or Install Now).
- Enter your passcode if prompted and ensure your device is connected to Wi-Fi and has sufficient battery (or plugged in).
Enable automatic updates (under the same menu) to avoid missing future critical patches. The update size is typical for a point release — around 1-2GB — and installation takes 10-30 minutes.
What If You Can’t Update?
If your device is too old for iOS 26 (e.g., iOS XS/XR or earlier), check for any available security updates in the same Settings menu — Apple continues issuing patches for older branches when possible. However, long-term, upgrading to a supported model is the safest path for ongoing protection.
Dona, in Cape Town, with South Africa’s growing digital threats and reliance on mobile devices, staying current on iOS security is especially important. Have you checked your iPhone’s software version yet? Which model do you have, and are you planning to update right away? Drop your thoughts in the comments!
Discover more from TECH-BRUNCH
Subscribe to get the latest posts sent to your email.