The Apple WebKit vulnerability is a critical security issue affecting various Apple software products. It allows attackers to execute arbitrary code on your device by processing maliciously crafted web content. This could lead to unauthorized access to sensitive data, including personal identifiable information (PII) and system configuration.
You're affected if you use:
- watchOS 26.2 or earlier
- Safari 26.2 or earlier
- iOS 18.7.3 or earlier
- iPadOS 18.7.3 or earlier
- macOS Tahoe 26.2 or earlier
- visionOS 26.2 or earlier
- tvOS 26.2 or earlier
Check with: xcrun -sdk iphoneos clang --version (for iOS and iPadOS) or xcrun -sdk iphonesimulator clang --version (for macOS)
Note: This vulnerability is not related to aEnrich HR software, so if you use that product, you are likely not affected.
Apple Support: https://support.apple.com/en-us/125884
Update Safari to version 26.2 or later.
Apple Support: https://support.apple.com/en-us/125885
Apply the iOS and iPadOS updates:
Apple Support: https://support.apple.com/en-us/125889
Update your macOS to Tahoe 26.2 or later.
Immediate mitigations:
- Restrict network access to your device (firewall it from the public internet)
- Audit system activity for suspicious patterns
- Monitor for unauthorized code execution