Khaberni - Apple has warned iPhone and iPad users of a serious security flaw in the browsing system.
It stated that the flaw exposes hundreds of millions of devices to cyber attacks that may exploit user data or take control of their devices.
Two security flaws
Apple’s team discovered two security flaws in WebKit, the core engine that powers the Safari browser, and all browsers on iOS and iPadOS systems.
According to the company's announcement, these vulnerabilities have already been exploited in targeted and sophisticated attacks on some individuals.
The vulnerabilities allow malicious sites to trick devices into executing harmful code simply by visiting a specifically designed site, giving hackers the possibility to access sensitive data, such as passwords, payment information, or even take complete control of the device.
Need for Updates
Despite Apple releasing an update that patches these vulnerabilities, the percentage of iOS users who have installed it is extremely low.
Estimates show that only about 50% of users have updated their devices to iOS 26, meaning that approximately 800 million devices around the world are still at risk.
Usage analysis institutions indicate that the actual percentage of those who have updated their operating systems might be much lower, increasing the likelihood of exploiting the vulnerabilities after the details are publicly disclosed by developers, as attackers become more capable of building effective attacks.
Experts confirm that updating to iOS 26.2 or higher is the only effective step to protect the device, as it closes the vulnerabilities, and that the problem cannot be solved through settings or browsing habits alone.
Devices at risk
According to Apple, the list of devices at risk if not updated includes iPhone 11 and newer models, and iPad Pro, iPad Air, and iPad mini that support older versions of iPadOS.
If your device is on this list and the update has not been installed, it remains susceptible to cyber attacks targeting these vulnerabilities.
To install the update, Apple advises users to go to settings, click on "General," then "Software Update," and check for the latest version.
Also, make sure the device is connected to a Wi-Fi network and the battery is sufficiently charged before installation.
Additional Protection Technologies
In addition to updates, expert recommendations stress the importance of using strong protection programs that help detect malicious links and sites, and protect sensitive data, especially when the attack is based on malicious site content that does not depend on direct user behavior.
