The Apple iPhone remains the leading smartphone in the U.S. and is widely used around the globe, with around 1.6 billion people relying on it daily. Given its massive user base, the risk of security vulnerabilities is significant.
Recently, Apple has been alerting users about serious security issues that may affect roughly half of all iPhone owners. This puts hundreds of millions of devices at risk.
Discoveries in Safari and WebKit
A late-month announcement from Apple revealed two critical vulnerabilities in WebKit, which underpins Safari and all iOS browsers. These vulnerabilities have reportedly been exploited in targeted attacks. It’s concerning because an unsuspecting user might inadvertently visit a malicious site that could execute harmful code on their device, potentially allowing an attacker to steal passwords and payment information.
The Ongoing Risk to Millions of iPhones
Apple quickly rolled out a fix in a recent software update, but many users have yet to install it. Estimates indicate that about 50% of eligible users have not upgraded from iOS 18 to iOS 26. This means up to 800 million devices could remain unprotected globally. According to StatCounter, the scenario is even bleaker: only about 20% of users have updated at all. Once security vulnerabilities are disclosed, the risk escalates as attackers know exactly what to look for.
Models at Risk
The affected devices include:
- iPhone 11 and newer
- iPad Pro 12.9 inch 3rd generation and newer
- iPad Pro 11 inch 1st generation and newer
- iPad Air 3rd generation and newer
- iPad 8th generation and newer
- iPad mini 5th generation and newer
If you own one of these devices and haven’t updated, you could be at risk.
Why Upgrading Matters
There really are no alternative measures that can adequately address this particular vulnerability. It’s rooted deep within the browser engine. Experts stress that the only effective prevention is to install the latest software. Apple will not roll out security-only updates for users holding onto iOS 18; the fix is exclusively available through iOS 26.2 and iPadOS 26.2 unless your device can’t run iOS 26.
How to Update Your iPhone or iPad
Generally, updates are quick and user-friendly. If automatic updates are enabled, you may already have the fix. If not, here’s how to manually update:
- Open the Settings app on your iPhone
- Tap General
- Select Software Update
- Download and install iOS 26.2 or iPadOS 26.2 or later
Be sure your device is connected to Wi-Fi and has sufficient battery power or is plugged in.
Pro Tip: Use Reliable Antivirus Software
While keeping your device updated is essential, it shouldn’t be your only line of defense. Strong antivirus software can add another layer of protection, scanning for malicious links and blocking harmful sites. This is becoming increasingly important, particularly if attacks exploit compromised websites or hidden vulnerabilities in browsers. Security software not only helps catch threats that might slip through but also gives you greater insight into your device’s safety.
Final Thoughts
Apple’s use of terms like “highly sophisticated” indicates the seriousness of this threat. This vulnerability signifies that even the most trusted browsers can become avenues for attacks if delays in updates occur. If you use your iPhone for sensitive activities like banking or shopping, consider this update urgent.
