Apple artificial move to encourage people to upgrade… if they could release security update for older iPhones they can release it for the rest of models…
My iPads on 18.7.3 just yesterday started pushing notifications to upgrade to 26.2 again.
Guess Apple wants to pump up those numbers. If they really cared, if they had an ethical bone in their body, they would release 18.7.3 to the public WHICH THEY ALREADY HAVE STAGED.
This is more like blackmail where they are dangling these security issues over everyone's head as some scare tactic to upgrade, instead of giving everyone access to the iOS 18 security patch which already exists.
>If they really cared, if they had an ethical bone in their body, they would release 18.7.3 to the public WHICH THEY ALREADY HAVE STAGED.
>This is more like blackmail where they are dangling these security issues over everyone's head as some scare tactic to upgrade, instead of giving everyone access to the iOS 18 security patch which already exists.
18.7.3 was released a month ago. Anyone who cared about security updates would have already gotten it using the beta workaround. Anyone who's apathetic about updates isn't going to be swayed by 18.7.3 vs 26.2.
Note the CVEs discussed were patches almost a month ago with iOS 18.7.3. If you used the beta workaround[1] to get that, you're safe and don't have to upgrade to iOS 26... for now.
This is very bad advice given that this CVE allows DCE.
Unless you are someone with significant security experience (which most HNers don't have), do not roll the dice with out-in-the-wild exploits, especially given how most people rely on their smartphones to a significant degree.
Most likely. This is a WebKit issue whose patch is only shipped with iOS 26.2 or iOS 18.7.3 (but that's only available to a subset of iPhone and iPadOS devices).
> CVE-2025-43529 allows threat actors a direct code execution capability, while CVE-2025-14174 provides the much needed sandbox escape and privilege escalation capabilities which makes it devastating
Good news for people wanting to run the code they want on their own devices?
Forced obsolescence due to the iOS 26 bloat triggers a forced upgrade cycle.
More iPhone sales! Some VP up there is popping champagne after getting the genius idea to disguise it as a security feature and force it down people's throats.
OK, I had iOS 18 beta selected. I turned that off and IOS 26.2 magically reappeared as an offering. I guess since 18.7.3 is not going to be offered to me, I must install 26.2.
I rejected iOS 26 for a while and boy did my opinion on whether Apple forces version changes do a 180. Everything people lambast Windows for was there. Nags with no “no” option, a red notification badge you can’t dismiss, scare dialogs, and disabling unrelated features. This latest slimy behavior is unfortunately quite consistent with how Apple treats disobedient iOS users.
On macOS they still seem to be stopped by firm enough non-consent, but they really try to force you first, and I get the impression they may do worse any year now.
My iPads on 18.7.3 just yesterday started pushing notifications to upgrade to 26.2 again.
Guess Apple wants to pump up those numbers. If they really cared, if they had an ethical bone in their body, they would release 18.7.3 to the public WHICH THEY ALREADY HAVE STAGED.
This is more like blackmail where they are dangling these security issues over everyone's head as some scare tactic to upgrade, instead of giving everyone access to the iOS 18 security patch which already exists.
>This is more like blackmail where they are dangling these security issues over everyone's head as some scare tactic to upgrade, instead of giving everyone access to the iOS 18 security patch which already exists.
18.7.3 was released a month ago. Anyone who cared about security updates would have already gotten it using the beta workaround. Anyone who's apathetic about updates isn't going to be swayed by 18.7.3 vs 26.2.
[1] eg. https://news.ycombinator.com/item?id=46264741
Unless you are someone with significant security experience (which most HNers don't have), do not roll the dice with out-in-the-wild exploits, especially given how most people rely on their smartphones to a significant degree.
https://www.cvedetails.com/version/2021355/Apple-Iphone-Os-1...
seems to be the same as 18.7.2
https://www.cvedetails.com/version/2037518/Apple-Iphone-Os-1...
Good news for people wanting to run the code they want on their own devices?
Most users lack the domain experience needed to protect and maintain hygiene against threat actors.
https://mjtsai.com/blog/2026/01/09/slow-ios-26-adoption/
More iPhone sales! Some VP up there is popping champagne after getting the genius idea to disguise it as a security feature and force it down people's throats.
A few weeks ago it was offering me iOS 26, but not anymore.
On macOS they still seem to be stopped by firm enough non-consent, but they really try to force you first, and I get the impression they may do worse any year now.