Check Your iPhone Settings Now: Apple Releases First-Ever ‘Background’ Security Patch

This is the first Background Security Improvement from Apple. Here’s how to make sure your iPhone installs it right away.

BY CHLOE AIELLO, REPORTER @CHLOBO_ILO

Illustration: Inc.; Photos: Courtesy Apple

Apple released its first ever Background Security Improvement for iOS, iPadOS, and macOS. 

Background Security Improvements are a new kind of update that the tech giant says deliver “lightweight security releases” for Safari and other software elements that may benefit from “smaller, ongoing security patches” between more significant software updates.

Apple didn’t share too much information about why it had pushed the update, but did share that the bug was discovered in WebKit, the browser engine used by Safari, Mail and other apps. Apple wrote that “maliciously crafted web content” could bypass a critical security mechanism called the “Same Origin Policy.” This policy protects against data theft by preventing bad websites from accessing user data or acting on behalf of a user on other websites, according to Mozilla. 

A post from cybersecurity education provider Infosec Institute describes a hypothetical case of how a bad actor could exploit this type of vulnerability in the event, for example, that a user is logged into their email account in one tab and accessing a malicious website in the other. 

How Anthropic's Claude AI Became a Co-Founder

“An attacker can access your mail and other sensitive information using JavaScript. For example read private mail, send fake mail, read your chats,” Infosec’s Jatin Jain wrote. “Now imagine the same scenario and replace Gmail with your online banking application – it could be worse.”

Apple did not immediately respond to Inc.’s request for more information about the fix.

Background security updates are only available for devices running iOS 26.1 or later. If you have a qualifying device, here’s how to download this new type of update:

© Inc.com