Christina Antonelli

Apple Releases Security Update Addressing Critical Flaws in iOS 26.1 and iPadOS 26.1

Apple has rolled out new security updates for iOS 26.1 and iPadOS 26.1, released on November 3, 2025, introducing important fixes for a wide range of vulnerabilities.

The update is available for iPhone 11 and later models, along with several iPad models including iPad Pro (3rd generation and later), iPad Air (3rd generation and later), iPad (8th generation and later), and iPad mini (5th generation and later).

Major Vulnerabilities Fixed

The update addresses multiple security issues that could allow malicious apps to gain unauthorized access to sensitive data, bypass privacy settings, or cause device instability.

Apple credited several independent researchers and security teams for discovering these flaws.

One notable fix involves the Apple Neural Engine (CVE-2025-43447 and CVE-2025-43462), which previously allowed malicious apps to cause system crashes or corrupt kernel memory. Improved memory handling was implemented to prevent these issues.

Another major fix affects the Apple Account feature (CVE-2025-43455), where a malicious app could capture screenshots of embedded views containing private information. This was mitigated through stronger privacy checks.

The AppleMobileFileIntegrity and Assets components also received updates to stop apps from escaping sandbox restrictions or accessing protected data.

Vulnerabilities like CVE-2025-43379 and CVE-2025-43407 were corrected by enhancing validation and entitlements handling.

A large number of vulnerabilities were found in WebKit, the browser engine that powers Safari. These include multiple bugs that could lead to memory corruption, unsafe data leaks, or unexpected browser crashes.

Apple fixed these problems with improved memory management, input validation, and stricter security checks.

The most critical WebKit flaws carry CVE identifiers such as CVE-2025-43438, CVE-2025-43433, and CVE-2025-43421.

Beyond WebKit, the update targets several privacy-related weaknesses. The Control Center (CVE-2025-43350) and Status Bar (CVE-2025-43460) could have exposed restricted or sensitive information on a locked device. Apple tightened access permissions and strengthened lock screen protections.

Additionally, new fixes in Photos, Contacts, and Find My prevent apps from fingerprinting or tracking users and stop leaks of personal information through logs or temporary files.

Apple advises all users to install iOS 26.1 and iPadOS 26.1 as soon as possible. The company continues its policy of withholding vulnerability details until users have had time to apply patches, minimizing risk from active exploitation.

Complete technical information about these security updates is documented on Apple’s official security support pages.
