Apple Releases Critical Security Updates to Address Actively Exploited Zero-Day Vulnerability
On February 12, 2026, Apple issued a series of security updates across its product lineup, including iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS, to patch a zero-day vulnerability that has been actively exploited in sophisticated cyber attacks.
Details of the Vulnerability
The identified flaw, designated as CVE-2026-20700, is a memory corruption issue within dyld, Apple’s Dynamic Link Editor. Exploitation of this vulnerability could enable attackers with memory write capabilities to execute arbitrary code on affected devices. The discovery and reporting of this issue are credited to Google’s Threat Analysis Group (TAG).
Apple acknowledged the severity of the situation, stating, Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. The company also referenced two related vulnerabilities, CVE-2025-14174 and CVE-2025-43529, which were addressed in December 2025 in response to the same report.
Background on Related Vulnerabilities
CVE-2025-14174 pertains to an out-of-bounds memory access issue in ANGLE’s Metal renderer component, a high-performance graphics and compute API developed by Apple. CVE-2025-43529 is a use-after-free vulnerability in WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. Both vulnerabilities were previously disclosed and patched, with CVE-2025-14174 being notably highlighted by Google for its exploitation in the wild.
Devices and Systems Affected
The recent updates are available for a range of Apple devices and operating systems, including:
– iOS 26.3 and iPadOS 26.3: Compatible with iPhone 11 and later models, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.
– macOS Tahoe 26.3: For Macs running macOS Tahoe.
– tvOS 26.3: Applicable to Apple TV HD and Apple TV 4K (all models).
– watchOS 26.3: For Apple Watch Series 6 and later.
– visionOS 26.3: For all models of Apple Vision Pro.
Additionally, Apple has released updates to address various vulnerabilities in older versions of its operating systems and Safari browser:
– iOS 18.7.5 and iPadOS 18.7.5: For iPhone XS, iPhone XS Max, iPhone XR, and iPad 7th generation.
– macOS Sequoia 15.7.4: For Macs running macOS Sequoia.
– macOS Sonoma 14.8.4: For Macs running macOS Sonoma.
– Safari 26.3: For Macs running macOS Sonoma and macOS Sequoia.
Implications and Recommendations
This marks Apple’s first actively exploited zero-day vulnerability addressed in 2026. In the previous year, the company patched nine zero-day vulnerabilities that were exploited in the wild. The recurrence of such vulnerabilities underscores the persistent threats targeting Apple devices and the importance of timely security updates.
Users are strongly advised to update their devices to the latest software versions promptly. Regularly updating devices ensures protection against known vulnerabilities and enhances overall security.
Conclusion
Apple’s swift response to the discovery of CVE-2026-20700 highlights the company’s commitment to user security. By collaborating with entities like Google’s Threat Analysis Group and addressing vulnerabilities promptly, Apple aims to safeguard its users from sophisticated cyber threats.
