SAN FRANCISCO, Jan 18, 2026, 02:18 (PST)
- After identifying attacks targeting iOS vulnerabilities, Apple is urging users to update to iOS 26.2 or iOS 18.7.3.
- Adoption of iOS 26 has been surprisingly sluggish, sparking debate about whether tracking data is underreporting its true reach.
- Security researchers note that rebooting iPhones may temporarily halt certain spyware, but software updates are still the reliable solution.
Apple is urging iPhone users to update to iOS 26.2 or iOS 18.7.3 following detection of active exploits targeting vulnerabilities in its software. Some users are also being advised to reboot their devices if they haven’t applied the update yet. 1
The pressure is real as the company works to patch a security hole, especially since a lot of users still rely on older software—a scenario Apple rarely encounters this far along in an iPhone update cycle.
Measuring that reluctance hasn’t been straightforward. StatCounter, a web analytics firm, revealed that Apple’s Safari browser is mistakenly identifying some iOS 26 devices as running iOS 18. The company is currently working on a solution. 2
On Jan. 17, Forbes reported that Apple’s update policy now requires “from Dec. 12 onwards” for hundreds of millions of iPhones to “upgrade to iOS 26,” eliminating any option to delay. 3
According to Cult of Mac, referencing StatCounter’s January figures, just around 15% of iPhone users had upgraded to some iteration of iOS 26 about four months after its release in mid-September. The publication suggests the “Liquid Glass” redesign might be playing a role here. This new look from Apple features translucent, see-through elements combined with blur effects. 4
Ars Technica described the situation as “complicated,” pointing out that the headline adoption numbers might seem worse than reality and emphasizing that the backlash against Liquid Glass doesn’t fully account for the entire gap. 5
Apple hasn’t shared specifics on the targets, but its security notes mention being “aware of a report” that some WebKit flaws “may have been exploited” in an “extremely sophisticated attack” aimed at certain individuals using iOS versions prior to iOS 26. WebKit is the browser engine powering Safari and, on iPhones, the browsing framework for other browsers as well. 6
Apple’s security advisory reveals that iOS 26.2 dropped on Dec. 12, 2025, targeting iPhone 11 and newer models. The update patches numerous problems, notably WebKit flaws exploitable via malicious web content. 7
On the same day, Apple rolled out iOS 18.7.3 for older devices like the iPhone XS, XS Max, and XR that aren’t compatible with iOS 26, according to its security notes. 8
Security experts note that rebooting can make a difference in the brief period before users apply updates. Pieter Arntz, a researcher at Malwarebytes, explained that “when you restart your device, any memory-resident malware is flushed—unless it has somehow gained persistence.” 9
There are, however, some caveats. The attacks Apple outlined were targeted, and rebooting doesn’t fix the problem—it merely interrupts certain malware briefly if the root vulnerability persists. The bigger question is whether this push for updates signals a long-term change in Apple’s strategy or just a temporary reaction to a particular threat and complicated telemetry data.
Apple has traditionally touted rapid, widespread software updates as a major edge over Android competitors, which depend on carriers and various manufacturers to deliver patches. But the slower adoption of iOS 26 — and questions about whether those numbers are being underestimated — challenge that story, especially as Apple leans more on major version releases to secure devices.
