If you own an iPhone or iPad running an older version of iOS or iPadOS, you’ll likely see a Lock Screen alert from Apple urging you to update to a newer version of your device’s operating system to protect against web-based attacks.
MacRumors reports the alert appears as a “Critical Software” notification from the Settings app, and warns of “attacks targeting out-of-date iOS software, including the version on your iPhone.” The alert urges users to install a critical update to protect their device.
Users report seeing the notifications on devices running a range of older iOS versions, including iOS 17.0, as well as the iOS 13 and iOS 14 devices that Apple specifically mentioned in its support documentation.
Update iOS to protect your iPhone from web attacks
If your iPhone doesn’t have the latest software, update iOS to protect your data.
Security researchers recently identified web-based attacks that target out-of-date versions of iOS through malicious web content. For example, if you’re using an older version of iOS and were to click a malicious link or visit a compromised website, the data on your iPhone might be at risk of being stolen.
We thoroughly investigated these issues as they were found and released software updates as quickly as possible for the most recent operating system versions to address vulnerabilities and disrupt such attacks.
If you have kept your iPhone software up to date, then you are already protected. Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products, and devices with updated software were not at risk from these reported attacks. Devices with Lockdown Mode enabled are also protected from these specific attacks, even on out-of-date software, but should be updated to the latest iOS version as soon as possible.
If your iPhone has an older version of iOS, update to protect your data:
Devices with the latest, updated versions of iOS 15 through iOS 26 are already protected. If you have not updated your software recently, update iOS on your iPhone.
We released a software update for iOS 15 and iOS 16 on March 11, 2026, to extend protection to older devices that cannot update to the latest version of iOS.
Devices with iOS 13 or iOS 14 must update to iOS 15 to receive these protections and will receive an additional alert to install a Critical Security Update in the next few days.
Apple Safe Browsing in Safari is on by default and blocks the malicious URL domains identified in these attacks.
Note: Users who are unable to update their device can consider enabling Lockdown Mode (if available) to protect against malicious web content and other threats.
Hackers are using iOS exploit kits known as “Coruna” and “DarkSword,” which take advantage of security holes in iOS 13 through to iOS 17.2.1. As seen above, by clicking a malicious link or visiting a compromised website, users with an unpatched device could have their data stolen.