Over 60 Security Fixes in iOS 26.5
Apple’s iOS 26.5 security update delivers more than 60 security fixes, making it one of the most important iPhone security patches in recent months. Six critical kernel vulnerabilities were addressed, including CVE-2026-28951, which could have allowed a malicious app to gain root privileges and effectively take control of the device. Apple also fixed around a dozen WebKit issues, such as CVE-2026-28962, where simply interacting with malicious web content might have exposed sensitive user data. Another flaw, CVE-2026-28995 in App Intents, could let a hostile app escape its sandbox and access data or functions it should not see. Even though none of these vulnerabilities are currently known to be actively exploited, they affect core components attackers frequently chain together. Installing the iOS 26.5 security update closes these dangerous gaps before they can be used.
Why These Kernel and WebKit Vulnerabilities Matter
The newly patched critical kernel vulnerabilities and WebKit security fixes target the same components attackers often rely on for advanced mobile exploits. Kernel issues can enable privilege escalation, turning a seemingly harmless app into one with deep system access. WebKit bugs, on the other hand, are triggered through everyday browsing or in-app web views, making them ideal for drive-by attacks via malicious websites or links. Security experts note that the mix of kernel memory flaws, WebKit vulnerabilities, and an App Intents sandbox escape reflects a typical exploit chain, where one bug is used to gain a foothold and others to deepen control. One kernel vulnerability, CVE-2026-28943, was discovered by Google’s Threat Analysis Group, which focuses on state-backed and high-risk threats, underscoring the seriousness of these issues for both regular and high-value targets.
AI Researchers and the Arms Race Around iOS Security
The iOS 26.5 security update also highlights a growing AI-driven security arms race. A key WebKit flaw, CVE-2026-28942, was credited to researchers at Anthropic working with its Claude AI system, demonstrating how advanced AI tools can help defenders uncover subtle, high-impact vulnerabilities before attackers exploit them. At the same time, security specialists warn that adversaries are also using AI to streamline reconnaissance, vulnerability discovery, and exploit development. This dual use of AI means critical bugs can surface and be weaponized faster than ever. Apple’s rapid patching cycle—shipping over 60 fixes in iOS 26.5 just weeks after earlier updates—shows how quickly the threat landscape is evolving. Updating promptly is no longer optional hygiene; it is a key defense against both human and AI-augmented attackers targeting the iPhone ecosystem.
New Features: Encrypted RCS Messaging and Pride Wallpaper
Beyond the iOS 26.5 security update, Apple has added several notable features. End-to-end encrypted RCS messaging (in beta) is now available in Messages with supported carriers, bringing more secure rich-text conversations between iPhone and Android users. This means modern features like typing indicators and higher-quality media can be enjoyed with the same privacy guarantees as iMessage, once fully rolled out. Apple also introduced a downloadable Pride Luminance wallpaper, which dynamically refracts a spectrum of colors and can be customized on compatible devices. Additionally, a new “Suggested Places” feature in Maps surfaces recommendations based on trending spots nearby and your recent searches. While these enhancements are appealing, Apple emphasizes that the primary reason to install iOS 26.5 remains its extensive security content, which helps protect both personal data and everyday communications.
How to Install iOS 26.5 and Updates for Older Devices
Installing iOS 26.5 is straightforward and should be done as soon as possible. First, back up your iPhone or iPad to iCloud or a computer. Then open Settings, go to General, tap Software Update, and choose Update Now to download and install. Your device will restart once the process completes. iOS 26.5 is available for iPhone 11 and later, while compatible iPads include models from the 8th generation and iPad mini 5th generation onward. Older hardware has not been left behind: Apple released iOS 18.7.9 and iPadOS 18.7.9 for iPhone XS, iPhone XS Max, iPhone XR, and iPad 7th generation, alongside additional updates such as iPadOS 17.7.11, iOS 16.7.16, and iOS 15.8.8. Users can also update via a computer using IPSW firmware files if they prefer a manual installation method.