Apple Introduces Interim Security Updates Between Major Software Releases
Apple Introduces Interim Security Updates for Enhanced Protection
In a move to bolster security between major software releases, Apple has begun issuing lightweight security updates, dubbed Background Security Improvements. This new initiative starts with the rollout of iOS 26.1, iPadOS 26.1, and macOS 26.1. These compact security releases focus on updating components such as Safari, the WebKit framework, and other system libraries through ongoing patches.
How Background Security Improvements Work
According to Apple, Background Security Improvements may occasionally be temporarily removed in cases of compatibility issues, only to be re-implemented and enhanced in a subsequent software update. Users have the option to manage these updates in the Privacy and Security settings on their iPhone, iPad, or Mac, where they can choose to install them automatically. If disabled, devices will not receive these updates until they are incorporated into a later software release. Moreover, applied patches can be removed, reverting the system to its base version without the additional security fixes.
Vulnerability Fixed in Inaugural Release
According to Apple, the inaugural release addresses a vulnerability in WebKit, identified as CVE-2026-20643, which was discovered by security researcher Thomas Espach. This vulnerability allows malicious web content to bypass the same-origin policy. Apple has resolved the issue by improving input validation, which stemmed from a cross-origin flaw in the Navigation API.
Enhanced Protection for Users
By introducing Background Security Improvements, Apple aims to provide users with enhanced protection between major software releases, ensuring that their devices remain secure and up-to-date with the latest security patches.
About Author
English