It’s once again time to update your Apple devices. The company just released a whole host of security patches, including a fix for an actively exploited zero-day affecting iOS 26, iPadOS 26, and macOS Tahoe. These updates arrived alongside the official release of iOS 26.3, which includes features like more seamless data transfer between iPhone and Android. Other security patches address bugs in Photos, VoiceOver, and Screenshots, to name a few.
iOS 26.3 patches a zero-day affecting dyld
According to Apple’s latest security bulletin, the zero-day—tracked as CVE-2026-20700—is a memory corruption issue in dyld, Apple’s “Dynamic Link Editor.” The flaw could allow attackers with memory write capability to execute arbitrary code—or, in other words, run their own code on your device.
Apple says that the vulnerability may have been exploited in an “extremely sophisticated attack against specific targeted individuals” in earlier versions of iOS alongside CVE-2025-14174 and CVE-2025-43529. Those at greatest risk with this bug are likely high-profile users with access to sensitive data—users who might be inclined to use Apple’s Lockdown Mode—but everyone should install the update to patch the issue.
The patch for this flaw is available for the following iOS and iPadOS devices, in addition to all Macs that run macOS Tahoe:
-
iPhone 11 and later
-
iPad Pro 12.9-inch 3rd generation and later
-
iPad Pro 11-inch 1st generation and later
-
iPad Air 3rd generation and later
-
iPad 8th generation and later
-
iPad mini 5th generation and later
How to install the latest security update for iPhone
You should have automatic updates enabled to ensure you receive critical security patches ASAP, but you can confirm that you’re on the latest OS version under Settings > General > Software Update. As a reminder, Apple won’t message you urging you to click links, download attachments, or install apps related to security updates. Always go through your device settings to receive official fixes.