ios 26.3 delivers more than 35 security patches, according to Apple’s security updates page, and fixes several high‑risk vulnerabilities.
The largest patch addresses a zero day in the Dynamic Link Editor dyld that could let an app with memory write capability execute arbitrary code.
Apple says it knows of a report that this dyld flaw has been used in "an extremely sophisticated attack against specific targeted individuals" running versions prior to iOS 26.
The update also corrects three kernel flaws, one of which could allow a malicious app to gain root privileges on an affected device.
A Photos bug fixed in the release could previously let someone with physical access to a locked device view a user’s photos from the lock screen.
Apple also patched a pair of Accessibility bugs that could allow viewing of sensitive user information on a locked device.
Most of these security fixes apply across Apple platforms, and Apple notes similar patches are available for macOS and iPadOS builds.
Impact And Recommended Actions
Although this release brings few visible features, the volume and severity of fixes mean users have little reason to delay installing ios 26.3.
Security researchers and device owners should treat the dyld zero day and kernel fixes as high priority because they enable code execution and elevation of privilege.
For immediate protection Apple’s article indicates users should update affected devices without waiting when possible.
On an iPhone or iPad open Settings, tap General, then Software Update, and follow the prompts to install the update.
Users are also advised to install corresponding macOS updates where available, since many of the same security patches apply to Macs.
Keeping devices current will address the lock screen disclosure bugs and the kernel and dyld vulnerabilities that Apple identified in its security notes.
