News

Apple Addresses CVE-2026-20700 Zero-Day Flaw in Latest Security Update

Luciano Ferrari

12 Feb 2026 — 3 min read

Thursday, February 12, 2026

Top 5 Cybersecurity Stories You Should Know

Apple Addresses CVE-2026-20700 Zero-Day Flaw in Latest Security Update — tl;dr: Apple has released critical security updates for its devices, addressing a zero-day vulnerability tracked as CVE-2026-20700. This memory corruption issue affects iPhones, iPads, Macs, Apple Watches, Apple TVs, and Safari, allowing attackers to execute arbitrary code and potentially install malware. Users are urged to update to iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, and other relevant versions immediately to protect their personal information. Regular updates and cautious online behavior are essential to safeguard against such vulnerabilities.
↪ https://www.malwarebytes.com/blog/news/2026/02/apple-patches-zero-day-flaw-that-could-let-attackers-take-control-of-devices
Apple Patches Exploited Zero-Day CVE-2026-20700 in iOS and macOS — tl;dr: Apple has released critical updates for iOS, macOS, and other devices to address a zero-day vulnerability, CVE-2026-20700, which has been exploited in sophisticated cyber attacks. The flaw, a memory corruption issue in Apple's Dynamic Link Editor (dyld), could allow attackers to execute arbitrary code on affected devices. Users are urged to update to the latest versions of iOS 26.3, macOS Tahoe 26.3, and other relevant systems immediately to mitigate risks. This update follows previous vulnerabilities, including CVE-2025-14174 and CVE-2025-43529, which were also exploited in the wild.
↪ https://thehackernews.com/2026/02/apple-fixes-exploited-zero-day.html
Microsoft Addresses Critical Zero-Day Vulnerabilities in Windows and Office (CVE-2026-21510, CVE-2026-21513) — tl;dr: Microsoft has released security patches for critical zero-day vulnerabilities affecting Windows and Office users, specifically CVE-2026-21510 and CVE-2026-21513. These flaws allow hackers to execute one-click attacks, potentially leading to malware installation and system compromise. Users are advised to update their systems immediately to mitigate risks, as the vulnerabilities are actively exploited and details on their exploitation have been made public. The issues were identified with the help of Google's Threat Intelligence Group, highlighting the importance of collaboration in cybersecurity.
↪ https://techcrunch.com/2026/02/11/microsoft-says-hackers-are-exploiting-critical-zero-day-bugs-to-target-windows-and-office-users/
Apple Fixes iOS Zero-Day CVE-2026-20700 Exploited in Targeted Attacks — tl;dr: Apple has released patches for a critical zero-day vulnerability, CVE-2026-20700, affecting iOS and macOS systems. This memory corruption issue, exploited in sophisticated attacks targeting specific individuals, allows for arbitrary code execution through the dyld system component. The flaw is linked to previously patched vulnerabilities in WebKit. Users are urged to update their devices immediately to mitigate risks, as the updates address nearly 40 vulnerabilities in iOS and iPadOS, and over 50 in macOS. Keeping devices updated is essential for maintaining security against such threats.
↪ https://www.securityweek.com/apple-patches-ios-zero-day-exploited-in-extremely-sophisticated-attack/
Apple Patches Actively Exploited Zero-Day CVE-2026-20700 Across Devices — tl;dr: Apple has addressed a critical zero-day vulnerability, CVE-2026-20700, affecting iOS, macOS, and other platforms, which allowed attackers to execute arbitrary code via a memory corruption flaw in the Dynamic Link Editor (dyld). Discovered by Google's Threat Analysis Group, this vulnerability was reportedly exploited in sophisticated attacks targeting specific individuals. Users are urged to update their devices to the latest versions, including iOS 26.3 and macOS Tahoe 26.3, to mitigate risks. Additional vulnerabilities, CVE-2025-14174 and CVE-2025-43529, have also been patched, underscoring the importance of regular software updates for security.
↪ https://securityaffairs.com/187890/security/apple-fixed-first-actively-exploited-zero-day-in-2026.html