Cybersecurity News Kinetic Potential

iOS, macOS 26.4 Roll Out With Fresh Security Patches

Wed, 03/25/2026 - 10:12 / 0 Comments

Apple on Tuesday rolled out a fresh wave of security updates to resolve more than 80 vulnerabilities across its mobile and desktop operating systems.

iOS 26.4 and iPadOS 26.4 were released for the latest generation iPhone and iPad devices with patches for nearly 40 security defects.

WebKit received fixes for eight bugs that could be exploited by malicious websites to bypass policy enforcement, mount XSS attacks, fingerprint users, escape the sandbox, or crash the process.

Issues addressed in the kernel could be exploited to disclose kernel memory, leak sensitive kernel state, corrupt kernel memory, or write kernel memory.

Vulnerabilities resolved in other components may lead to network traffic interception, access to biometrics-gated Protected Apps, process crashes, app termination, denial-of-service (DoS), installed apps enumeration, sandbox escape, and access to sensitive information.

Patches for roughly two dozen of these security defects were delivered to users of older devices as part of the iOS 18.7.7 and iPadOS 18.7.7 security updates.

On Tuesday, Apple also rolled out macOS Tahoe 26.4 with fixes for over 75 bugs, including roughly 30 flaws that were addressed with the iOS 26.4 and iPadOS 26.4 updates.

The patches target issues in dozens of native components, but also vulnerabilities in third-party open source dependencies, including multiple Apache libraries, Curl, and LibPNG.

Additionally, Apple released macOS Sequoia 15.7.5 and macOS Sonoma 14.8.5 with patches for over 50 of these vulnerabilities each.

While tvOS 26.4 and watchOS 26.4 were rolled out with fixes for over a dozen vulnerabilities each, visionOS 26.4 is bringing patches for nearly 30 bugs to its users.

On Tuesday, Apple also announced the release of Safari 26.4 with fixes for the eight WebKit bugs. Xcode 26.4 was rolled out with patches for two flaws.

Apple makes no mention of any of these security defects being exploited in the wild. Additional information on the updates can be found on the company’s security advisories page.

This article was published by Security Week. Please check their website for the original content.

Add new comment

About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
15 + 2 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

Share The Story


Stay informed - subscribe to our newsletter.
The subscriber's email address.

Recent Posts