Apple has released a patch to fix a zero-day vulnerability in iPhone, which hackers exploited to target specific users. Google’s Threat Analysis Group flagged this flaw, leading to the rollout of iOS 26.3 and iPadOS 26.3. The issue, identified as CVE-2026-20700, involves a memory corruption bug in Apple’s Dynamic Link Editor. This bug can load and link software libraries in apps.
Exploitation of the Zero-Day Flaw
Apple said the vulnerability was used in sophisticated attacks targeting specific individuals with versions of iOS before iOS 26. The flaw alone could not hack an iPhone, but if an attacker had access to write memory to the device, they could abuse it to run rogue code. This gives the attacker a way to tamper with the device’s software.
While the vulnerability alone isn’t enough to hack an iPhone, Apple’s report suggests the flaw was part of a chain of exploits used to remotely access certain devices. The company also linked the threat to two other vulnerabilities, CVE-2025-14174 and CVE-2025-43529, which were patched in December. These flaws allowed attackers to process maliciously crafted web content, likely delivered through phishing websites or messages.
Spyware Concerns and State-Sponsored Attacks
Apple’s report raises the possibility that attackers could have used the vulnerabilities to deploy spyware. Typically, state-sponsored hackers target high-value individuals, including politicians, journalists, and activists. These attacks are often difficult to detect, and hackers use them to gather sensitive information from specific targets.
Google’s Threat Analysis Group first informed Apple of the exploit. This indicates that hackers may have used the flaw for some time, especially since they targeted users running older versions of iOS. iOS 26 launched in September, yet the flaw affected earlier versions of the OS.
Apple’s Response to the Threat
Apple hasn’t revealed how many users were affected by this flaw but did release fixes for macOS, visionOS, tvOS, and watchOS, in addition to iPhone. Apple’s Lockdown Mode, which blocks spyware, remains a valuable tool for users who want additional protection against advanced threats.
How to Update Your iPhone
To install the patch, iPhone users should go to Settings > General > Software Update. For those who have automatic updates enabled, their devices will install the patch on their own.
Read Also
Windows 11 PowerToys Shortcuts
Linux Gaming: The Future
Mac Models Before 2018: What You Need to Know
Preventing Future Threats
Apple’s release of the zero-day vulnerability in iPhone patch shows the company’s commitment to user security. Regular updates will protect users from the latest security threats and malicious attacks. Keeping your device up to date is essential for avoiding sophisticated exploits like these. With ongoing security enhancements, Apple continues to prioritize its users’ safety.
