SAN FRANCISCO, Jan 16, 2026, 01:07 PST
- New warnings urge iPhone owners to update to iOS 26.2 (or iOS 18.7.3 on older models) and restart devices
- Apple has said the underlying WebKit flaws were used in “extremely sophisticated” targeted attacks
- Slow uptake of iOS 26 has left many devices on older software, according to StatCounter figures cited by Tom’s Guide
Fresh warnings are pushing iPhone owners to update their devices and reboot, after reports highlighted that security fixes for targeted attacks are tied to Apple’s latest iOS releases.
Why it matters now: Apple has linked two flaws in WebKit — the web engine behind Safari and all iPhone browsers — to attacks it describes as highly sophisticated. A successful hit can begin with maliciously crafted web content, turning routine browsing into a potential entry point.
The push lands in a messy moment for Apple’s software rollout. Security fixes for affected devices span iOS 26.2 for newer iPhones and iOS 18.7.3 for older models, leaving users who delay updates with fewer protections than they think they have.
In its security notes, Apple said it was “aware of a report” that the WebKit issues “may have been exploited” in an “extremely sophisticated attack” aimed at “specific targeted individuals” using versions of iOS before iOS 26. Apple credited Google’s Threat Analysis Group for one of the reports and said the other was identified with Apple and Google.
The bugs are tracked as CVE-2025-14174 and CVE-2025-43529, Apple’s advisories show. Apple said the fixes addressed a use-after-free issue and a memory corruption issue — both software failures that can let an attacker corrupt memory and potentially run code by steering the browser into the wrong state.
The risk is not limited to one app. WebKit underpins Safari and, because of Apple’s iOS browser rules, also sits beneath Chrome, Firefox and other iPhone browsers even when they carry different brand names.
Data suggests a lot of users still have not moved. StatCounter figures cited by Tom’s Guide put iOS 26 adoption at 15.4% of iPhones as of January 2026, the site reported, far behind the pace of prior iOS upgrades.
Some of the reluctance is about the interface, not security. BGR reported this week that iOS 26.2 adds new options meant to improve readability in Apple’s “Liquid Glass” design, including fresh “Glass” and “Solid” choices for the lock-screen clock and toggles to cut transparency.
Security firms say the reboot step is not cosmetic. Malwarebytes researcher Pieter Arntz wrote on Jan. 13 that a restart can flush “memory-resident malware” — code that runs in a device’s working memory — “unless it has somehow gained persistence,” and he argued that “I’m not a target” is “not a viable safety strategy.”
Apple has separately warned users to watch for scams that piggyback on security headlines. “Apple threat notifications will never ask you to click any links,” the company says, advising users to verify alerts by signing into their Apple account rather than following prompts in messages.
Still, there are limits to what a reboot-and-update cycle can do. Apple has not disclosed who was targeted or how the attacks worked, and a restart will not help if an attacker has achieved persistence or if other unpatched flaws exist. The company’s own language also points to targeted operations — not a mass, consumer-wide outbreak — which means the biggest uncertainty is whether the tooling spreads beyond the initial victims.