Apple Is Changing Its Approach to Releasing Security Updates Due to Threats From Artificial Intelligence.

While the tech world’s attention is currently focused on iOS 27 , Apple continues to release updates for iOS 26. While we’re unlikely to get another feature-rich release in the “26” era, there will always be bugs and security vulnerabilities that need to be fixed when Apple or third-party researchers discover them. A case in pointis Monday’s release of iOS 26.5.2 , which includes fixes for 29 security vulnerabilities.
However, what’s more interesting than the bugs these patches fix is that the company didn’t initially plan to release them in this form. In fact, iOS 26.5.2 marks a dramatic shift in Apple’s approach to distributing security updates, largely due to potential threats from new AI models.
Apple is changing the way it handles security updates.
iOS 26.5.2 was not originally planned. Earlier this week, Apple told Reuters that these patches were intended for a future version of iOS—possibly iOS 26.6—but the company is changing its approach to releasing security updates, particularly due to security threats posed by models like Anthropic’s Claude Mythos . These models easily detect software vulnerabilities earlier than human researchers, and therefore Apple believes it is necessary to release patches as soon as they become available. Traditionally, the company includes security patches in regular software updates, unlike other companies, which separate security patches from feature updates. But as these new AI models become more widespread and the risk of vulnerabilities being discovered by attackers increases, Apple will now release new patches much earlier than usual.
Therefore, you should expect your Apple devices to receive more updates than before. I wouldn’t be surprised if iOS 26.5.3 is released before iOS 26.6, and Apple may release more updates for iOS 26 than usual before iOS 27 launches this fall. Always update your devices as soon as these updates become available, as the threat posed by AI-based security models is truly significant.
Here’s what iOS 26.5.2 fixes.
First, the good news: none of these vulnerabilities appear to be zero-days. A zero-day is a security vulnerability that is publicly disclosed or actively exploited before the software developer has time to release a patch. They are particularly dangerous because they give hackers an advantage: they can try to find an exploit—or worse, exploit that exploit—until the developer releases an update and their users install it. Fortunately, none of these vulnerabilities appear to be critical, meaning the situation isn’t critical. Still, any unpatched security vulnerability is concerning, and now that they’ve been disclosed, it’s only a matter of time before someone figures out how to exploit them—especially with new AI models. Therefore, it’s important to install iOS 26.5.2 as soon as possible.
According to Apple’s official security update release notes, iOS 26.5.2 (and iPadOS 26.5.2) fixes 29 security vulnerabilities. Many of these relate to how WebKit, Apple’s rendering engine used in Safari, secures user data. You’ll find some vulnerabilities that could leak sensitive data if a user processes malicious web content (such as clicking a fraudulent link), as well as one that could leak sensitive data simply by visiting a website, even if that site isn’t necessarily malicious. Another patch addresses a vulnerability that allows malicious websites to process data outside the “sandbox,” or protected element where Apple stores websites to prevent them from penetrating protected parts of iOS, and yet another fixes a vulnerability that could steal clipboard data without your knowledge.
Below you’ll find a list of 29 patches, along with their descriptions, a description of the fix, and the CVE (Common Vulnerabilities and Exposures) number used to track them. We’d like to emphasize once again that none of these vulnerabilities have known active exploits.
-
IOGPUFamily : An application could cause an unexpected system termination. A race condition was addressed through improved state handling. CVE-2026-43743: Liutong, Dong
-
Kernel : An application could cause an unexpected system termination or write to kernel memory. This issue was addressed through improved input validation. CVE-2026-43724:
-
Kernel : An application could leak sensitive kernel state information. This issue was addressed through improved input validation. CVE-2026-43722.
-
Kernel : An application could cause an unexpected system termination or kernel memory corruption. This issue was addressed through improved input validation. CVE-2026-39868.
-
libxslt : Processing specially crafted malicious web content may cause an unexpected process crash. A double-free issue was addressed through improved memory management. CVE-2026-43706.
-
libxslt : Processing specially crafted malicious web content could lead to an unexpected process crash. This issue was addressed through improved memory handling. CVE-2026-43703.
-
Web Extensions : A malicious web extension could cause an unexpected process crash. A use-after-free issue was addressed through improved memory management. CVE-2026-43704.
-
WebKit : Processing specially crafted malicious web content may lead to the disclosure of sensitive user information. Addressed a cross-domain access issue through improved security origin tracking. CVE-2026-43700.
-
WebKit : A malicious website may be able to pass data from another origin. This issue was addressed through improved validation. CVE-2026-43735.
-
WebKit : Processing specially crafted malicious web content may cause an unexpected process crash. A use-after-free issue was addressed through improved memory management. CVE-2026-43734/CVE-2026-43726/CVE-2026-43709/CVE-2026-43699/CVE-2026-43742.
-
WebKit : Processing specially crafted malicious web content may lead to the disclosure of sensitive user information. Addressed a path handling issue through improved validation. CVE-2026-43732.
-
WebKit : Processing specially crafted malicious web content may lead to memory corruption. A use-after-free issue was addressed through improved memory management. CVE-2026-43731/CVE-2026-43715.
-
WebKit : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. A use-after-free issue was addressed through improved memory management. CVE-2026-43727.
-
WebKit : A malicious website may be able to process restricted web content outside of the sandbox. This issue was addressed through improved input validation. CVE-2026-43725.
-
WebKit : Processing specially crafted malicious web content may cause the process to crash unexpectedly. This issue was addressed through improved memory handling. CVE-2026-43663/CVE-2026-39872/CVE-2026-43712.
-
WebKit : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. This issue was addressed through improved memory handling. CVE-2026-43716.
-
WebKit : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. An out-of-bounds access issue was addressed through improved bounds checking. CVE-2026-43676.
-
WebKit : Processing specially crafted malicious web content may lead to process memory disclosure. This issue was addressed through improved memory handling. CVE-2026-43740.
-
WebKit : Visiting a website may lead to sensitive data leakage. Addressed permissions issue with additional restrictions. CVE-2026-43713.
-
WebKit : A malicious website may be able to pass data from another origin. This issue was addressed through improved input validation. CVE-2026-43708.
-
WebKit : Processing specially crafted malicious web content may cause the process to crash unexpectedly. A memory corruption issue was addressed through improved memory handling. CVE-2026-43707.
-
WebKit : Processing specially crafted malicious web content can lead to memory corruption. A type mismatch issue was addressed through improved validation. CVE-2026-43705.
-
WebKit : A malicious website could process restricted web content outside the sandbox. This issue was addressed through improved checks. CVE-2026-43701.
-
WebKit : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. An out-of-bounds write issue was addressed through improved input validation. CVE-2026-43745.
-
WebKit Canvas : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. A use-after-free issue is addressed through improved memory management. CVE-2026-43720.
-
WebKit Storage : A malicious website could silently intercept clipboard data. This issue was addressed through improved state management. CVE-2026-43721.
-
WebRTC : Processing specially crafted malicious web content may cause the process to crash unexpectedly. An out-of-bounds access issue was addressed through improved bounds checking. CVE-2026-28979.
-
WebRTC : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. Addressed a stack overflow issue with improved input validation. CVE-2026-43718.
-
WebRTC : Processing specially crafted malicious web content may cause Safari to crash unexpectedly. A use-after-free issue was addressed through improved memory management. CVE-2026-43717/CVE-2026-43746.
How to update iOS to version 26.5.2
Installing this security update is similar to installing any other iOS update. If you have automatic updates enabled, the OS should update automatically at the scheduled time. However, you can initiate the process manually by going to General > Software Update and following the on-screen instructions.