emeryjre
TUG Member
- Joined
- Feb 23, 2013
- Messages
- 3,994
- Reaction score
- 2,808
The article is pasted from Forbes Magazine
I Didn't post the link because many people cannot use the link
Bottom Line
You don't need to read the article unless you like geek talk
But do the upgrade expeditiously
Update May 12, 2026: This article, originally published on May 11, 2026, has been updated to include expert commentary about the issues fixed in iOS 26.5, as well as more details about which iPhones can run the upgrade.
Apple has released iOS 26.5, along with a warning to update now. That’s because iOS 26.5 fixes a hefty list of over 60 security flaws, many of which are serious.
Apple doesn’t provide much detail about what’s fixed in iOS 26.5, to give iPhone users time to update before attackers can get hold of the details.
Among the list of iOS 26.5 patches are six in the Kernel at the heart of the iOS operating system, including CVE-2026-28951, which could allow an app to gain root privileges. The iOS 26.5 update also fixes around a dozen bugs in WebKit, which underpins the Safari browser, according to Apple’s support page.
PROMOTED
MORE FOR YOU
Meanwhile, an issue in App Intents tracked as CVE-2026-28995 could allow a malicious app to break out of its sandbox.
The high concentration of WebKit vulnerabilities alongside kernel memory issues and an App Intents sandbox escape bug “reflects the types of components commonly chained together in modern mobile attacks,” says Adam Boynton, senior enterprise strategy manager at Jamf.
While Boynton concedes that none of the vulnerabilities patched in iOS 26.5 are reported as actively exploited, he says that Apple’s support page reveals the sort of attacks plaguing iPhone users currently. “One kernel vulnerability CVE-2026-28943 was credited to Google’s Threat Analysis Group, which focuses on state-backed threats and high-risk users, while a separate WebKit flaw CVE-2026-28942 was credited to Anthropic researchers working with Claude.”
The Prompt: Get the week’s biggest AI news on the buzziest companies and boldest breakthroughs, in your inbox.
Email Address
Sign Up
By signing up, you agree to receive this newsletter, other updates about Forbes and its affiliates’ offerings, our Terms of Service (including resolving disputes on an individual basis via arbitration), and you acknowledge our Privacy Statement. Forbes is protected by reCAPTCHA, and the Google Privacy Policy and Terms of Service apply.
This indicates that the fixes issued in iOS 26.5 are in some cases very serious, as well as showing how AI such as Anthropic’s Claude can help identify issues that need patching.
However, the number of flaws being identified as adversaries also make use of AI tools to perform attacks also makes it important that people update their devices as quickly as possible.
00:00
03:12
Read More
Apple has also released iOS 18.7.9, including similar fixes to iOS 26.5 for older devices. Sadly for those looking to stay on iOS 18, this confirms that iOS 18.7.7 and iOS 18.7.8 — which could be applied to newer iPhones — were a rare occurrence due to the seriousness of the patches.
The iOS 26.5 upgrade is available for iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.
Meanwhile, Apple’s iOS 18.7.9 and iPadOs 18.7.9 are available for iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation only.
Apple’s iOS 26.5 comes just a couple weeks after the iOS 26.4.2 emergency iPhone upgrade, which fixed a serious notifications bug that could enable someone to read your deleted notifications.
The iOS 26.5 upgrade comes six weeks after the last major point update iOS 26.4, which included 37 security fixes.
From iOS 26.5, Android and Apple users will be able to enjoy more privacy via RCS messaging, in beta to start, as long as your carrier supports this and your iPhone can run iOS 26.
Jake Moore, global cybersecurity advisor at ESET, warns that spyware remains a big problem for Apple’s iPhones. “Issues such as WebKit zero days are especially concerning because simply visiting a malicious webpage could be enough to trigger them, with no download or even any user interaction required to cause damage,” he explains.
This, in addition to “the sheer volume of updates in this latest version” makes it worth upgrading to iOS 26.5 now, he says.
So, what are you waiting for? Go to your iPhone’s Settings > General > Software Update and download and install iOS 26.5 now.
Editorial StandardsReprints & Permissions
Find Kate O'Flaherty on LinkedIn and X.
Follow Author
One Community. Many Voices. Create a free account to share your thoughts.
Read our community guidelines here.
See All Comments
LOADING VIDEO PLAYER...
I Didn't post the link because many people cannot use the link
Bottom Line
You don't need to read the article unless you like geek talk
But do the upgrade expeditiously
Update May 12, 2026: This article, originally published on May 11, 2026, has been updated to include expert commentary about the issues fixed in iOS 26.5, as well as more details about which iPhones can run the upgrade.
Apple has released iOS 26.5, along with a warning to update now. That’s because iOS 26.5 fixes a hefty list of over 60 security flaws, many of which are serious.
Apple doesn’t provide much detail about what’s fixed in iOS 26.5, to give iPhone users time to update before attackers can get hold of the details.
Among the list of iOS 26.5 patches are six in the Kernel at the heart of the iOS operating system, including CVE-2026-28951, which could allow an app to gain root privileges. The iOS 26.5 update also fixes around a dozen bugs in WebKit, which underpins the Safari browser, according to Apple’s support page.
PROMOTED
How iOS 26.5 Flaws Can Be Chained Together In Attacks
Among the WebKit flaws fixed in iOS 26.5 are CVE-2026-43660 and CVE-2026-28907, where processing maliciously crafted web content may prevent Content Security Policy from being enforced. Another WebKit issue tracked as CVE-2026-28962 could see a user disclose sensitive user information if they interact with maliciously crafted web content.MORE FOR YOU
‘We Apologize’—Microsoft Confirms Windows Update Mistake
Apple’s Surprise Free Offer To iPhone 13 Users Is Now Live For iPhones
iOS 18.6.2—Update Now Warning Issued To All iPhone Users
Meanwhile, an issue in App Intents tracked as CVE-2026-28995 could allow a malicious app to break out of its sandbox.
The high concentration of WebKit vulnerabilities alongside kernel memory issues and an App Intents sandbox escape bug “reflects the types of components commonly chained together in modern mobile attacks,” says Adam Boynton, senior enterprise strategy manager at Jamf.
While Boynton concedes that none of the vulnerabilities patched in iOS 26.5 are reported as actively exploited, he says that Apple’s support page reveals the sort of attacks plaguing iPhone users currently. “One kernel vulnerability CVE-2026-28943 was credited to Google’s Threat Analysis Group, which focuses on state-backed threats and high-risk users, while a separate WebKit flaw CVE-2026-28942 was credited to Anthropic researchers working with Claude.”
The Prompt: Get the week’s biggest AI news on the buzziest companies and boldest breakthroughs, in your inbox.
Email Address
Sign Up
By signing up, you agree to receive this newsletter, other updates about Forbes and its affiliates’ offerings, our Terms of Service (including resolving disputes on an individual basis via arbitration), and you acknowledge our Privacy Statement. Forbes is protected by reCAPTCHA, and the Google Privacy Policy and Terms of Service apply.
This indicates that the fixes issued in iOS 26.5 are in some cases very serious, as well as showing how AI such as Anthropic’s Claude can help identify issues that need patching.
However, the number of flaws being identified as adversaries also make use of AI tools to perform attacks also makes it important that people update their devices as quickly as possible.
00:00
03:12
Read More
Other iPhone Fixes Confirm Newer Devices Must Update To iOS 26.5
Alongside iOS 26.5, Apple has released iPadOS 17.7.11, iOS 16.7.16 and iOS 15.8.8, patching the same notifications flaw.Apple has also released iOS 18.7.9, including similar fixes to iOS 26.5 for older devices. Sadly for those looking to stay on iOS 18, this confirms that iOS 18.7.7 and iOS 18.7.8 — which could be applied to newer iPhones — were a rare occurrence due to the seriousness of the patches.
The iOS 26.5 upgrade is available for iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.
Meanwhile, Apple’s iOS 18.7.9 and iPadOs 18.7.9 are available for iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation only.
Apple’s iOS 26.5 comes just a couple weeks after the iOS 26.4.2 emergency iPhone upgrade, which fixed a serious notifications bug that could enable someone to read your deleted notifications.
The iOS 26.5 upgrade comes six weeks after the last major point update iOS 26.4, which included 37 security fixes.
Apple’s iOS 26.5 Adds RCS to iPhones
Along with security and bug fixes in iOS 26.5, Apple has also added a number of new features, the most significant of which is RCS. While Apple’s iMessage is encrypted for messaging between users, messages between Android devices and iPhones is not — until now.From iOS 26.5, Android and Apple users will be able to enjoy more privacy via RCS messaging, in beta to start, as long as your carrier supports this and your iPhone can run iOS 26.
Why You Should Update To iOS 26.5 Now
The iOS 26.5 upgrade includes one of the longest list of security flaws I have ever seen in an Apple release. This alone makes it worth updating as soon as possible.Jake Moore, global cybersecurity advisor at ESET, warns that spyware remains a big problem for Apple’s iPhones. “Issues such as WebKit zero days are especially concerning because simply visiting a malicious webpage could be enough to trigger them, with no download or even any user interaction required to cause damage,” he explains.
This, in addition to “the sheer volume of updates in this latest version” makes it worth upgrading to iOS 26.5 now, he says.
So, what are you waiting for? Go to your iPhone’s Settings > General > Software Update and download and install iOS 26.5 now.
Editorial StandardsReprints & Permissions
Find Kate O'Flaherty on LinkedIn and X.
Follow Author
Join The Conversation
CommentsOne Community. Many Voices. Create a free account to share your thoughts.
Read our community guidelines here.
See All Comments
LOADING VIDEO PLAYER...
