WHAT ARE YOU LOOKING FOR?

Popular Tags

Raleigh, NC

32°F
Few Clouds Humidity: 60%
Wind: 3.6 M/S

Apple Releases Security Updates to Fix a Zero‑Day Flaw Under Active Exploitation Affecting iOS, macOS, and Other Products

Security Hits: 77
Apple Releases Security Updates to Fix a Zero‑Day Flaw Under Active Exploitation Affecting iOS, macOS, and Other Products

Apple on Wednesday rolled out updates for iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS to fix a zero‑day vulnerability that the company says was actively exploited in highly sophisticated cyberattacks.  The flaw, identified as CVE‑2026‑20700 (CVSS score: N/A), is described as a memory corruption issue in dyld, Apple’s Dynamic Link Editor. An attacker with the ability to write to memory could exploit this bug to execute arbitrary code on affected devices. Google’s Threat Analysis Group (TAG) discovered and reported the issue.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS prior to iOS 26,” the company noted in its advisory. “CVE‑2025‑14174 and CVE‑2025‑43529 were also issued in response to this report.”

Both CVE‑2025‑14174 and CVE‑2025‑43529 were previously patched in December 2025. Google had earlier confirmed that CVE‑2025‑14174 was under active exploitation.

  • CVE‑2025‑14174 (CVSS: 8.8) is an out‑of‑bounds memory access vulnerability found in ANGLE’s Metal renderer. Metal is Apple’s high‑performance graphics and compute API.
  • CVE‑2025‑43529 (CVSS: 8.8) is a use‑after‑free vulnerability in WebKit that could enable remote code execution through malicious web content.

Devices and OS versions receiving the latest updates

  • iOS 26.3 / iPadOS 26.3 – iPhone 11 and later;
    iPad Pro 12.9‑inch (3rd gen+) , iPad Pro 11‑inch (1st gen+), iPad Air (3rd gen+), iPad (8th gen+), iPad mini (5th gen+)
  • macOS Tahoe 26.3 – All Macs running macOS Tahoe
  • tvOS 26.3 – Apple TV HD and all Apple TV 4K models
  • watchOS 26.3 – Apple Watch Series 6 and newer
  • visionOS 26.3 – All Apple Vision Pro models

Updates for older devices and OS versions
Apple also pushed patches for legacy platforms to address additional vulnerabilities:

  • iOS / iPadOS 18.7.5 – iPhone XS, XS Max, XR, and iPad (7th gen)
  • macOS Sequoia 15.7.4 – Macs running macOS Sequoia
  • macOS Sonoma 14.8.4 – Macs running macOS Sonoma
  • Safari 26.3 – Safari updates for macOS Sonoma and macOS Sequoia

With these patches, Apple has remediated its first actively exploited zero‑day of 2026. By comparison, the company addressed nine zero‑days in 2025 that were confirmed to be exploited in real‑world attacks.

Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post. 

Image
Back To Top

Cybersecurity Insight delivers timely updates on global cybersecurity developments, including recent system breaches, cyber-attacks, advancements in artificial intelligence (AI), and emerging technology innovations. Our goal is to keep viewers well-informed about the latest trends in technology and system security, and how these changes impact our lives and the broader ecosystem

Please fill the required field.