iOS 26.4 Update: Urgent Security Warning Issed to iPhone Users

Apple has released iOS 26.4, a significant update for iPhone users that combines new features with critical security improvements. While the update introduces fresh emoji and performance enhancements, cybersecurity experts are urging users to install it without delay due to a substantial number of vulnerabilities addressed.

Major Security Fixes in iOS 26.4

The iOS 26.4 update includes fixes for 37 security flaws within Apple’s mobile operating system. As is typical, Apple has withheld detailed technical information to give users time to update before potential attackers can exploit the weaknesses.

Among the most notable patches are several affecting WebKit, the browser engine that powers Safari. These include a vulnerability, tracked as CVE-2026-2887, which could allow a cross-site scripting attack if a user visits a malicious website.

Another issue, CVE-2026-20643, could enable harmful web content to bypass Apple’s Same Origin Policy — a key web security mechanism. Apple had previously attempted to address this flaw in an earlier rapid security response update, but it is now fully resolved in iOS 26.4.

Kernel Vulnerabilities Raise Serious Concerns

The update also addresses four vulnerabilities within the iPhone’s kernel — the core component of the operating system.

According to Adam Boynton, senior enterprise strategy manager at Jamf, two of these flaws (CVE-2026-20698 and CVE-2026-20687) could allow malicious apps to crash the system or corrupt kernel memory. In more serious cases, attackers could exploit these weaknesses to gain full control of a device.

For businesses and organisations across the UK — from financial services in the City of London to public sector bodies — applying such updates promptly is considered essential to maintaining cyber resilience.

Expert Advice: Update Without Delay

Security professionals are clear in their guidance. Boynton emphasises that organisations should deploy the update as სწრაფly as possible to reduce exposure.

Javvad Malik, lead CISO advisor at KnowBe4, notes that while not every vulnerability will necessarily be exploited at scale, the overall risk depends on individual usage, organisational context and threat exposure.

His advice is straightforward: users should update their devices to iOS 26.4 as soon as possible.

Performance Improvements and Bug Fixes

Alongside security updates, iOS 26.4 also resolves several usability issues reported by users.

A key fix addresses problems with the iPhone keyboard, particularly when typing quickly. Early user feedback suggests smoother navigation and improved responsiveness across the interface.

Reports from online forums indicate that issues such as lag when accessing the App Library and visual glitches in the interface have been reduced. Some users have also noted improved performance on newer devices, with smoother animations and more stable system behaviour.

Additional Security Features

The update also enables Stolen Device Protection by default — a feature designed to safeguard user data if an iPhone is lost or stolen. This aligns with growing concerns in the UK around mobile theft, particularly in major cities such as London and Manchester.

For users with older devices, Apple has released iOS 18.7.7, which includes a smaller set of security fixes. This version is available for models such as the iPhone XS, iPhone XR and certain older iPads.

However, Apple has now removed the option for eligible devices to remain on older iOS versions once iOS 26 is supported, reinforcing its push towards keeping users on the latest software.

Supported Devices

iOS 26.4 is available for:

• iPhone 11 and later
• iPad Pro (12.9-inch, 3rd generation and newer)
• iPad Pro (11-inch, 1st generation and newer)
• iPad Air (3rd generation and newer)
• iPad (8th generation and newer)
• iPad mini (5th generation and newer)

Conclusion

Although there are currently no confirmed reports of these vulnerabilities being exploited in the wild, the scale and severity of the issues addressed make this update particularly important.

With cyber threats continuing to evolve, keeping devices up to date remains one of the simplest and most effective ways to stay protected. UK users are strongly advised to install iOS 26.4 promptly via the Settings app to ensure their devices remain secure.

Graham Greene

“Entrepreneur. Freelance introvert. Creator. Passionate reader. Certified beer ninja. Food nerd.”