Apple starts issuing lightweight security updates between software releases

Sinisa Markovic, Senior Staff Writer, Help Net Security March 18, 2026 Share Apple starts issuing lightweight security updates between software releases Apple is delivering small security updates, called Background Security Improvements, starting with iOS 26.1, iPadOS 26.1, and macOS 26.1. Apple describes Background Security Improvements as lightweight security releases for components such as Safari, the WebKit framework, and other system libraries, delivered through ongoing patches between software updates. “In rare instances of compatibility issues, Background Security Improvements may be temporarily removed and then enhanced in a subsequent software update,” the company noted. Users can manage Background Security Improvements in the Privacy and Security settings on iPhone, iPad, and Mac, where the feature can be set to install automatically. If disabled, devices will not receive these updates until they are included in a later software release. Apple also notes that applied patches can be removed, reverting the system to the base version of the operating system without the additional security fixes. The first release addresses a WebKit vulnerability, tracked as CVE-2026-20643 and reported by security researcher Thomas Espach, where processing malicious web content may bypass the same-origin policy. Apple said the issue stemmed from a cross-origin flaw in the Navigation API and was resolved with improved input validation. More about Apple cybersecurity iOS update Share