Apple Patches Everything: February 2026, (Wed, Feb 11th)

• Apple Patches Everything: February 2026 Today, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). • The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. • Older versions of iOS, iPadOS, and macOS are also updated. • OF special note is CVE-2026-20700. • This vulnerability has already been exploited in targeted attacks. • It allows attackers who can write to memory to execute code.

Article Summaries:

• Apple Patches Everything: February 2026 Today, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated. OF special note is CVE-2026-20700. This vulnerability has already been exploited in targeted attacks. It allows attackers who can write to memory to execute code. Two vulnerabilities patched in December are related to the same attack (CVE-2025-14174 and CVE-2025-43529). Interesting are addit
• Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: 7.8), has been described as a memory corruption issue in dyld, Apple’s Dynamic Link Editor. Successful exploitation of the vulnerability could allow an attacker with memory write capability to execute arbitrary code on susceptible devices. Google Threat Analysis Group (TAG) has been credited with discovering and reporting the bug. “Apple is aware of a report
• Apple has issued security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, and Safari to fix a zero‑day memory‑corruption flaw (CVE‑2026‑20700) that is actively exploited in targeted attacks. The vulnerability allows attackers with memory‑write capability to run arbitrary code, potentially installing spyware or backdoors. It was used in an infection chain that also involved earlier CVEs (CVE‑2025‑14174 and CVE‑2025‑43529), which were already patched in a December 2025 update. Updated OS versions (iOS 26.3, macOS Tahoe 26.3, watchOS 26.3, etc.) are available, and users are urged to install them promptly to protect their devices.
• Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. “Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors,” Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X. “Attackers are abusing get_portal_info to extract the x-ns-company value before establishing a WebSocket channel.” The vulnerability in question is CVE-2026-1731 (CVS score: 9.9), which could allow an unauthenticated attacker to ach

Sources:

• https://isc.sans.edu/diary/rss/32706
• https://thehackernews.com/2026/02/apple-fixes-exploited-zero-day.html
• https://www.malwarebytes.com/blog/news/2026/02/apple-patches-zero-day-flaw-that-could-let-attackers-take-control-of-devices
• https://thehackernews.com/2026/02/researchers-observe-in-wild.html