If you’re delaying updating to the iOS 26.3, iPadOS 26.3, and macOS Tahoe 26.3 updates that were released earlier this week, you might want to reconsider that decision. Apple says the updates fix dozens of security vulnerabilities, including one that has already been actively exploited.
That actively exploited vulnerability is in the dyld dynamic link editor and it allows bad actors to execute arbitrary code. Apple says the bug may have been exploited in an “extremely sophisticated attack” against targeted individuals.
An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
Apple says it fixed the memory corruption issue by using improved state management.
Numerous other vulnerabilities that were also fixed across not only iOS, iPadOS, and macOS, but also Apple’s other platforms that were all updated earlier this week.
Apple recommends all users update their devices to iOS 26.3, iPadOS 26.3, and macOS Tahoe 26.3 as soon as possible.
(Via MacRumors)
