This decision changes the very nature of your iPhone.
Getty Images
It was updated on January 27th with new security information about Apple’s new update and an innovative privacy feature that was just confirmed for the iPhone, which is coming in a few days.
The need for Apple users to reboot their iPhones continues to make headlines (1,2), although the reasons behind this are less understood. This isn’t just an alarming new attack that has wreaked havoc around the world. This is an alarming number of iPhone users who have not installed security patches that Apple released 6 full weeks ago.
Let’s be very clear. Apple issued fixes in mid-December and warned users to update. For this 6-week period, iPhones not updated were not safe. This changes the nature of these devices and undermines the reason to buy an iPhone in the first place.
The actual number of affected users is unclear. Some analysts suggest more than half of iPhones, but that’s an overestimate. The number it is material. Probably hundreds of millions of devices, even when using more balanced market share metrics.
In December, Apple warned that iPhones are being attacked by two exploits in the WebKit software. These began as “highly sophisticated attacks against specific targeted individuals”. However, security analysts were quick to warn that the WebKit vulnerabilities are particularly dangerous and will be leaked to less sophisticated attackers.
Apple’s decision to stop updating iOS 18 in December for all iPhones capable of running iOS 26 also means that those hundreds of millions of devices likely haven’t been rebooted. And they won’t, until users do it manually or eventually the device to upgrade to iOS 26.
While many security services advise users to reboot phones regularly — as often as every week. Very few users do this. And in fact, if you don’t reboot your iPhone regularly, you’re unlikely to get caught. That’s not to say it’s not good practice — it is.
This combination of active attacks and Apple’s decision to force users to upgrade to iOS 26 has led to a unique combination of factors that make restarting your iPhone more critical. And do it regularly until you finally upgrade to iOS 26.
It’s not just WebKit’s flaws that matter. Apple included more than 25 security fixes in iOS 26.2, any of which could affect your device. And Apple is unlikely to warn if any of it is exploited now it’s public domain. He has issued corrections. The vulnerabilities have been closed. Users uniquely choose to ignore these fixes en masse.
Best advice — update now, don’t even wait for iOS 26.3 which is imminent. That way you get the fixes and the reboot at the same time. And your iPhone is safe.
And the upgrade mandate for all those hundreds of millions of iPhone users who are sticking with iOS 18 will be intensified with this version of iOS 26.3. This has some very specific security updates, as well as an expected number of vulnerability fixes.
“Although it does not introduce innovative changes”, Geeky Gadgets says, “this update focuses on improving existing features, improving compatibility, and enhancing security.” The site suggests a release “by late January or early February.”
But critically, “safety remains top of mind.” Per Economic Times“although Apple hasn’t detailed each fix, iOS 26.3 is expected to include additional security updates after the critical patches in iOS 26.2. Those previous fixes required users to upgrade to iOS 26 from iOS 18, a change that disappointed many.”
Beyond the fixes, the key security upgrade is fully encrypted RCS messages. “By adopting modern encryption standards,” Geeky Gadgets says, “Apple reinforces its commitment to protecting user data and keeping up with evolving communication technologies. This update is especially beneficial for users who frequently communicate across different platforms, as it enhances both security and compatibility.”
But don’t wait for iOS 26.3 — those 6 weeks are more than enough. Don’t put it off any longer and upgrade all eligible iPhones running iOS 18 to iOS 26 now. And on Monday, Apple gave all iOS 26 avoiders even more reasons to update now.
No security patches this time. Apple he says iOS 26.2.1 “has no published CVE records”, although it does include bug fixes. More critically, this is another update where Apple is improving iOS 26. You can be sure that part of that focus is addressing issues that prevent iOS 18 users from upgrading and securing those six-week fixes.
If you’re still not convinced, we now know that the upcoming iOS 26.3 includes a major privacy update, one that’s been done more than Android recently.
Apple says, “with (its new) precise location restriction setting, you can limit certain information that cellular networks may use to determine your location.”
This privacy feature comes with iOS 26.3. As Apple explains“Mobile networks can determine your location based on the cell towers your device connects to. Setting a precise location limit enhances your location privacy by reducing the accuracy of location data available to mobile networks.”
This means that “some information available on mobile networks is limited. As a result, they may only be able to determine a less precise location — for example, the neighborhood where your device is located, rather than a more precise location (such as a street address). The setting does not affect signal quality or user experience.”
It won’t help with sharing your location through other apps, but it will help with the hidden tracking available through the networks themselves. You’ll find this new one in Settings > Cellular > Cellular data options, then in the settings for individual SIM cards. A reboot may be required before the new setting takes effect.
By the time iOS 26.3 arrives, your iPhone will have been exposed to known threats for eight weeks or more. If you’re still holding onto iOS 18, don’t let iOS 26.3 pass you by either.
