Daily Tech News, Interviews, Reviews and Updates

Apple releases iOS 26.3, iPadOS 26.3 and macOS Tahoe 26.3 updates

OS
By Estuti Bajpai
Apple Logo - Feature Image

Apple has recently released its latest iOS 26.3, iPadOS 26.3 and macOS Tahoe 26.3 updates. These updates arrive with some new changes and major bug fixes.

iOS 26.3 & iPadOS 26.3

The iOS 26.3 update arrives with a new Limit Precise Location setting. Cellular networks can determine your location based on which cell towers your device connects to. The Limit Precise Location setting enhances your location privacy by reducing the precision of location data available to cellular networks. With this setting turned on, some information made available to cellular networks is limited.

To use this feature, your device needs an Apple-designed modem like C1 or C1X, which means currently only iPhone Air, iPhone 16e and the M5 iPad Pro are compatible. Carrier support is currently limited as well. The feature is said to expand significantly later this year. You can find this setting in Settings- Cellular- Cellular Data Options.

The iOS 26.3 also includes new changes to the Apple Music app- the Favourite Songs playlist is now visible in the Top Picks section on the home page. Users can also download offline lyrics for tracks and view them without an internet connection. There is also a new Weather Wallpaper section with three pre-designed Weather wallpapers in the Lock Screen customisation options.

The iOS 26.3 and iPadOS 26.3 updates add a tool for transitioning from an Apple device to an Android device. Transfers are able to be started during the device setup process, and the transfer process supports moving photos, messages, notes, apps, passwords, phone numbers, and more.

These new updates also address various security vulnerabilities. These vulnerabilities were available for iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad Mini 5th generation and later.

Security vulnerabilities fixed:

  • An accessibility bug allowed an attacker with physical access to a locked device to be able to view sensitive user information.
  • A Bluetooth bug could allow an attacker in a privileged network position to perform a denial-of-service attack using crafted Bluetooth packets.
  • A call history bug where a user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions.
  • A CFNetwork bug could allow a remote user to write arbitrary files.
  • A CoreAudio bug could process a maliciously crafted media file that may lead to unexpected app termination or corrupt process memory.
  • A CoreMedia bug could process a maliciously crafted file that may lead to a denial-of-service or potentially disclose memory contents.
  • A CoreServices bug could allow an app to gain root privileges.
  • Another CoreServices bug could allow an app to access sensitive user data.
  • A dyld bug may allow an attacker with memory write capabilitiy may be able to execute arbitrary code. This issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
  • A Game Center bug could allow a user to view sensitive user information.
  • In ImageIO, two bugs could allow processing a maliciously crafted image that may lead to the disclosure of user information and process memory.
  • Three bugs were addressed in the kernel that allowed an app to cause unexpected system termination, a malicious app to cause root privileges and an attacker in a privileged network position to intercept network traffic.
  • A LaunchServices bug could allow an app to enumerate a user’s installed apps.
  • A libexpat bug could process a maliciously crafted file that may lead to a denial-of-service.
  • A libxpc bug could allow an app to break out of its sandbox.
  • A Live Captions bug could allow an attacker with physical access to a locked device to view sensitive user information.
  • A Messages bug could allow a shortcut to bypass sandbox restrictions.
  • A Photos bug could allow a person with physical access to an iOS device to access photos from the lock screen.
  • A Sandbox bug could allow an app to break out of its sandbox.
  • A Sandbox Profiles bug could allow an app to access sensitive user data.
  • A screenshot bug could allow an attacker to discover a user’s deleted notes.
  • A Shortcut bug could allow an app to access sensitive user data.
  • A Spotlight bug could allow a sandboxed app to access sensitive user data.
  • A StoreKit bug could allow an app to identify what other apps a user has installed.
  • A UIKit bug could allow an app to bypass certain Privacy preferences, while another bug could allow an attacker with physical access to an iPhone to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with a Mac.
  • A VoiceOver bug could allow an attacker with physical access to a locked device to view sensitive user information.
  • Four WebKit bugs could allow a remote attacker to cause a denial-of-service, processing a maliciously crafted web content that leads to an unexpected process crash, and a website to track users through Safari web extensions.
  • A WiFi bug could allow an app to cause unexpected system termination or corrupt kernel memory.

MacOS Tahoe 26.3

This update also fixes various security vulnerabilities:

  • An Admin Framework bug could allow an app to access sensitive user data.
  • An AppleMobileFileIntegrity bug may also allow an app to access sensitive user data.
  • A Bluetooth bug may allow an attacker in a privileged network position to perform a denial-of-service attack using crafted Bluetooth packets.
  • A CFNetwork bug could allow a remote user to write arbitrary files.
  • A Contacts bug may allow an app to access information about a user’s contacts.
  • A CoreAudi bug could allow processing a maliciously crafted media file that leads to unexpected app termination or corrupt process memory.
  • A CoreMedia bug could allow processing a maliciously crafted file that may lead to a denial-of-service or potentially disclose memory contents.
  • A CoreServices bug could allow an app to gain root privileges.
  • Another CoreServices bug could allow an app to access sensitive user data.
  • A dyld bug may lead an attacker with memory write capability to execute arbitrary code. This issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
  • A Foundation bug could allow an app to access user-sensitive data, protected user data, and another bug may lead an app to monitor keystrokes without user permission.
  • A Game Center bug could allow a user to view sensitive user information.
  • A GPU Driver bug could allow an attacker to cause unexpected system termination or read kernel memory.
  • Two ImageIO bugs could allow processing a maliciously crafted image may lead to disclosure of user information and disclosure of process memory.
  • Three Kernel bugs that could allow an app to cause unexpected system termination, a malicious app to gain root privileges and an attacker in a privileged network position to intercept network traffic.
  • A LaunchSercvices bug could allow an app to access protected user data.
  • A libexpat bug may process a maliciously crafted file that leads to a denial-of-service.
  • A libxpc bug could allow an app to break out of its sandbox.
  • Due to a Mail bug, turning off “Load remote content in messages” may not apply to all mail previews.
  • Due to a Messages bug, a shortcut may be able to bypass sandbox restrictions.
  • A Model I/O bug could allow processing a maliciously crafted USD file that leads to an unexpected app termination.
  • A Notification Center bug could allow an app with root privileges to access private information.
  • A NSOpenPanel bug could allow an app to access sensitive user data.
  • A Remote Management bug could allow an app to gain root privileges.
  • A Safari bug could allow an app to access a user’s Safari history.
  • A Sandbox bug could allow an app to break out of its sandbox.
  • A Security bug could allow an app to gain root privileges.
  • A Setup Assistant bug could also allow an app to gain root privileges.
  • A Shortcuts bug could allow an app to access sensitive user data.
  • A Siri bug could allow a malicious app to access notifications from other iCloud devices. Another bugs in Siri could allow an attacker with physical access to a locked device to view sensitive user information, and an app to access sensitive user data.
  • A Spotlight bug could allow a sandboxed app to access sensitive user data, while another bug may allow an app to access sensitive user data.
  • A StoreKit bug could allow an app to identify what other apps a user has installed.
  • Two System Settings bugs could allow an app to access sensitive user data.
  • A UIKit bug could allow an app to bypass certain Privacy preferences.
  • A Voice Control bug could allow an app to crash a system process.
  • A Weather bug could allow a malicious app to read sensitive location information.
  • Four WebKit bugs could allow a remote attacker to cause a denial-of-service, processing maliciously crafted web content may lead to an unexpected process crash, a website may track users through Safari web extensions and processing maliciously crafted web content may lead to an unexpected process crash.
  • A WiFi bug could allow an app to cause unexpected system termination or corrupt kernel memory.
  • A WindowServer bug could allow an app to cause a denial-of-service.

Via 1, 2

Get real time updates directly on you device, subscribe now.

Estuti Bajpai 5476 posts

Journalism student currently pursuing Masters in mass communication and Journalism from Chandigarh University. Well versed in public communication. Looking for an opportunity in the field of journalism to gain knowledge and use my journalism skills efficiently.

You might also like
OS

OPPO F27 Pro+ Stable ColorOS 16 Update Officially Announced for the Indian Region;…

OS

Apple releases the first betas of iOS 26.4, iPadOS 26.4 and macOS Tahoe 26.4

OS

Google officially releases Android 17 Beta 1 update

OS

OnePlus is bringing back the AI writer feature via OxygenOS B40P02 SOTA Feb 2026…