Apple rushed to squash 29 bugs because AI is supercharging hackers - update ASAP

Follow ZDNET: Add us as a preferred source on Google.

ZDNET's key takeaways

Apple's latest OS updates patch 29 security flaws.

The fixes were rolled out sooner than expected.

Apple cited the increase in AI-powered security threats.

iPhone, iPad, and Mac owners, it's time for another update. As usual, this one is designed to resolve a number of security vulnerabilities. And though none have yet been exploited by attackers, you'll still want to update your device. Here's how and why.

On Monday, Apple released version 26.5.2 for iOS, iPadOS, and MacOS. To update, head to Settings (System Settings on a Mac), select General, and then select Software Update. Download and install the latest update for your device.

Also: I replaced my iPhone battery at the Apple Store for the first time ever - and learned a valuable lesson

A few of the patches address bugs in the OS kernel, while most focus on security flaws in Apple's WebKit browser engine. On the plus side, none of the 29 patched vulnerabilities are zero-days that have been reported as exploited in the wild. Then why the urgency?

Hackers can still exploit any of the vulnerabilities, especially now that they're public knowledge. That means anyone who hasn't updated is at risk. For example, the bugs in WebKit could allow an attacker to install malware or steal sensitive data. That's even more serious than it sounds.

"WebKit isn't just Safari, it's the engine rendering web content inside other iOS apps, so these flaws are reachable almost anywhere a link opens, not only in the browser," said Adam Boynton, senior enterprise strategy manager at security provider Jamf. "Most are memory-safety bugs triggered just by loading malicious content...None has been exploited yet, which is the whole point of shipping early."

Also: How I use Siri mode in the iOS 27 Camera app to ask questions about anything I see

Plus, Apple decided to fix these bugs earlier than expected. The patches had already been available in the current beta releases for iOS 26.6, iPadOS 26.6, and MacOS 26.6. This indicates that Apple planned to add them to the official 26.6 releases, expected in early or mid-July.

Blame it on AI

Why did Apple roll them out now? Here's a familiar refrain: Blame it on AI.

In a story published Monday (subscription required), Apple told Reuters that it's deploying a series of software updates that would otherwise have been included in a new version of its operating systems. The company said that the change in plans is a response to AI-driven security concerns.

Also: I was jealous of these 4 iOS 27 features - then I realized my Android phone already has them

Apple needs to adapt to the new reality in which attackers use AI to speed up the development of malicious hacking tools, the company explained to Reuters. That means it has to reduce the amount of time between the initial announcement of new security fixes and their actual release to the general public.

This points to a growing trend in the software world. Companies like Apple and Microsoft typically wait until the next regular update cycle to deploy patches for the latest security holes. But AI is a powerful tool, especially in the hands of the wrong people. As cybercriminals weaponize AI, security threats quickly become more exploitable. And companies can no longer afford to wait until the next major update to patch serious security bugs.

Also: Apple Maps vs. Google Maps: I used both navigation apps for years, and one is much better

"It reflects the old approach breaking down," Boynton said. "Bundling fixes into big feature releases worked when you had weeks before a flaw got exploited, and that buffer is gone. So Apple pulled these fixes out of the feature cycle, and I'd expect smaller, more frequent updates as a result. I wouldn't call it a permanent policy of one release, but the direction is clear."