Apple has released a critical security update, iPadOS 18.7.5, for older iPad models, addressing a vulnerability that was actively being exploited. The update extends security protections to devices no longer receiving major operating system upgrades, demonstrating Apple’s commitment to safeguarding its user base even on older hardware. Alongside this, Apple also released iPadOS 26.3 for newer devices, tackling the same dangerous security flaw. This dual release highlights Apple’s layered approach to security, ensuring a broad range of devices remain protected against emerging threats.
The vulnerability, identified as CVE-2026-20700, resides within the dyld dynamic loader component and could allow attackers to execute arbitrary code on affected devices, potentially gaining complete control. Google’s Threat Analysis Group discovered the exploit, indicating a sophisticated and targeted attack. The release of iPadOS 18.7.5 for older iPads – including the iPad 7th generation – is particularly significant, as these models are no longer eligible for the latest iOS 26 feature updates but continue to receive essential security patches. This proactive measure ensures millions of users aren’t left vulnerable simply because they haven’t upgraded to newer hardware.
A Lifeline for Older Hardware
Whereas newer iPads receive the full benefits of iOS 26, iPadOS 18.7.5 provides a crucial security lifeline for older devices. The update addresses a total of 30 security vulnerabilities, showcasing Apple’s comprehensive approach to security. This allows users to continue using their devices for everyday tasks with a greater degree of confidence, without necessarily needing to invest in a hardware upgrade. The extended support represents a benefit for both consumers and the environment, reducing electronic waste by prolonging the usable life of existing devices.
The Threat: Memory Manipulation and Zero-Day Exploits
At the core of the issue is a vulnerability in dyld that allows attackers to manipulate memory and execute malicious code. According to Apple, this could lead to full device compromise. The fact that this was a “zero-day” vulnerability – meaning it was actively exploited before a patch was available – underscores the urgency of the update. Zero-day exploits are particularly dangerous because users have no prior warning or defense against them.
Apple responded with a wave of emergency updates on February 11 and 12, 2026, extending beyond iPad and iPhone to include Mac, Apple Watch, Apple TV, and even the Vision Pro headset. This broad scope demonstrates the severity of the vulnerability and the interconnected nature of Apple’s ecosystem, where a flaw in one component can potentially impact many devices. The fix implemented by Apple focuses on improved memory management.
How to Update Your iPad
Security experts strongly advise users to install the updates as soon as possible. Given the active exploitation of this zero-day vulnerability, the risk is real and immediate. For owners of older iPads, the update process is straightforward: navigate to Settings > General > Software Update to download and install iPadOS 18.7.5.
While major system updates on older hardware can sometimes lead to performance issues, security-focused updates are typically lightweight. Delaying installation puts your device and sensitive data at risk. Apple provides detailed instructions on how to update your devices on their support website: About the security content of iOS 18.7.5 and iPadOS 18.7.5.
What This Means for iPad Users
This incident highlights a key reality of modern technology: older devices may not receive the latest features, such as redesigned interfaces or artificial intelligence capabilities, but essential security updates remain a priority. This practice ensures that millions of functional devices can be used safely, providing a critical layer of protection in an evolving threat landscape. Apple’s commitment to providing security updates for older devices is a notable example of responsible technology stewardship.
The release of iPadOS 18.7.5 and iPadOS 26.3 underscores the importance of staying informed about security updates and applying them promptly. Users can uncover more information about Apple’s security updates and vulnerability management practices on the Apple Security Updates page.
Apple will likely continue to monitor the situation and provide further updates as needed. The next scheduled update for newer devices is expected with the release of iOS 26.4, though the timing remains unconfirmed.
Have you updated your iPad yet? Share your experience and thoughts in the comments below.
