Apple Releases Critical Security Updates for Legacy Devices

Severity: Medium (Score: 45.8)

Sources: Isc.Sans.Edu, Appleinsider

Summary

On May 11, 2026, Apple issued critical security updates for older iPhones, iPads, and Macs, addressing 84 vulnerabilities across various operating systems. The updates include fixes for serious flaws related to WebKit, kernel access, Wi-Fi, and sandbox escapes. Devices affected include those running macOS Tahoe, Sequoia, and Sonoma, as well as iOS and iPadOS versions 15 through 18. Notably, the updates patch vulnerabilities that could allow arbitrary code execution and privilege escalation. Apple confirmed that none of the patched vulnerabilities are currently exploited in the wild. The updates are essential for maintaining device security, especially for legacy systems that continue to receive support. Apple emphasizes the importance of updating to mitigate potential risks associated with these vulnerabilities. Key Points: • Apple patched 84 vulnerabilities across multiple legacy operating systems. • Critical flaws include issues in WebKit, kernel access, and Wi-Fi systems. • No vulnerabilities are currently known to be exploited in the wild.

Key Entities

• Data Breach (attack_type)
• Denial-of-Service (attack_type)
• Cwe-125 - Out-of-bounds Read (cwe)
• Cwe-190 - Integer Overflow Or Wraparound (cwe)
• CWE-200 - Exposure of Sensitive Information (cwe)
• CWE-269 - Improper Privilege Management (cwe)
• Cwe-787 - Out-of-bounds Write (cwe)
• sans.edu (domain)
• Gatekeeper (platform)
• IOS (platform)
• IPadOS (platform)
• MacOS (platform)
• Safari (platform)