- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Apple Patches Critical Zero-Day Vulnerability in iOS, macOS, and More
What You Need to Know About the Emergency Security Update
Apr. 10, 2026 at 3:01am by Ben Kaplan
Got story updates? Submit your updates here. ›
As Apple races to patch critical zero-day flaws, the vulnerability's impact on the company's devices is visualized through a glowing, cyberpunk-inspired illustration.San Francisco TodayApple has released an emergency security patch to address a critical zero-day vulnerability affecting a wide range of its devices and operating systems. The flaw, known as CVE-2026-20700, could have allowed attackers to execute malicious code on vulnerable devices, potentially compromising sensitive data and system integrity. The Google Threat Analysis Group uncovered the complex issue, which Apple acknowledged was being actively exploited in targeted attacks.
Why it matters
Zero-day vulnerabilities pose a serious threat, as they can be exploited before a fix is available. This incident highlights the constant need for Apple users to stay updated with the latest security patches to protect their devices and data. The disclosure of this flaw, along with two other related CVEs, underscores the ongoing battle between tech giants and sophisticated cyber threats.
The details
The vulnerability lies within dyld, Apple's Dynamic Link Editor, causing memory corruption. If exploited, it could grant an attacker the ability to write and execute arbitrary code on affected devices. The updates are available for the latest Apple devices, including iPhone 11 and later models, iPad Pro 3rd generation and newer, iPad Air 3rd generation and later, iPad 8th generation and beyond, iPad mini 5th generation and later, as well as Apple TV, Apple Watch Series 6 and later, and Apple Vision Pro. Older devices running iOS 18.7.5, iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, and Safari 26.3 also received security patches.
- Apple acknowledged that this zero-day was exploited in highly targeted attacks against specific individuals on older iOS versions.
- The company also revealed that two other CVEs, CVE-2025-14174 and CVE-2025-43529, were previously addressed in response to the same report.
The players
Google Threat Analysis Group
The Google security team that uncovered the complex zero-day vulnerability in Apple's software.
Apple
The technology giant that released the emergency security patch to address the critical flaw affecting a wide range of its devices and operating systems.
What’s next
This incident marks Apple's first zero-day fix in 2026, following nine zero-day patches in 2025. The company's ongoing efforts to address vulnerabilities and protect its users will likely continue to be a focus in the coming months.
The takeaway
This case highlights the importance of proactive security measures and the constant need for tech companies to stay vigilant against emerging threats. As users, we must remain diligent in keeping our Apple devices updated to ensure the best possible protection against sophisticated cyber attacks.
