Apple is urging iPhone users to update to its latest software, iOS 26.3. The upgrade fixes 39 security flaws and is designed to block real-life attacks that threaten to take control of customers’ personal data.
“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26,” the company wrote on its support page.
The security flaw boils down to an issue with the dyld, or Dynamic Link Editor. Brian Milbier, deputy CISO at Huntress, calls it “the doorman for your phone.”
“Every single app that wants to run must first pass through this doorman to be assembled and given permission to start,” he told Forbes. “Usually, the doorman checks credentials and places apps in a high-security ‘sandbox’ where they can’t touch your private data. This vulnerability allows an attacker to trick the doorman into handing over a master key before security checks even begin.”
Update your iPhone
The attackers don’t need anything from the user to hack into the phone. Experts believe that these attacks could be covertly delivering spyware, making the security update “one of the most important” in the history of the iPhone, reported Forbes.
Spyware typically targets business users, government employees, dissidents and journalists. Still, hackers can spread the attacks more widely, too.
“Anyone can be collateral damage,” Javvad Malik, lead security awareness advocate at KnowBe4, told Forbes. “So the practice takeaway is for people to install updates as soon as they become available.”
Businesses are often the most vulnerable to such attacks, said Adam Boynton, senior enterprise strategy manager at Jamf, a software company focused on mobile device management.
“For most organisations, there’s a dangerous gap between when Apple ships a fix and when it actually protects your business,” he said to Forbes. “Sometimes days, sometimes weeks – sometimes never.”
It’s significant because the software flaw gives up complete control of the device.
Regardless, it’s critical that iPhone users make the effort to update their devices. That step will protect personal information from being controlled by the attackers.
Defence against spyware
In addition to updating the iPhone, there are preventative steps users can take against spyware, according to Pieter Arntz, a security researcher at Malwarebytes.
It’s possible that users won’t notice anything off with their devices. Sometimes, though, attacks can manifest in accelerated battery drainage, the iPhone overheating, or unrecognised apps popping up.
Turning your device on and off can sometimes disrupt the attacks. Make it a habit to restart your iPhone periodically, and don’t click on any links that you can’t verify, Arntz writes.
If you believe you’re particularly vulnerable, you can use Apple’s Lockdown Mode. The feature limits certain functionality, but it’s the best way to protect against spyware. – Inc./Tribune News Service
