Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.

Apple today released the first Background Security Improvement (BSI) update, replacing the rapid security updates that it used to seed out a few years ago. The first BSI updates address a WebKit vulnerability that could allow maliciously crafted web content to bypass Same Origin Policy. There's a macOS Tahoe 26.3.1, iOS 26.3.1, and iPadOS 26.3.1 BSI update, as well as a macOS Tahoe 26.3.2 BSI update exclusive to the MacBook Neo.

Apple today released the first Background Security Improvement (BSI) update, replacing the rapid security updates that it used to seed out a few years ago. The first BSI updates address a WebKit vulnerability that could allow maliciously crafted web content to bypass Same Origin Policy. There's a macOS Tahoe 26.3.1, iOS 26.3.1, and iPadOS 26.3.1 BSI update, as well as a macOS Tahoe 26.3.2 BSI update exclusive to the MacBook Neo.

Apple today released the first Background Security Improvement (BSI) update, replacing the rapid security updates that it used to seed out a few years ago. The first BSI updates address a WebKit vulnerability that could allow maliciously crafted web content to bypass Same Origin Policy. There's a macOS Tahoe 26.3.1, iOS 26.3.1, and iPadOS 26.3.1 BSI update, as well as a macOS Tahoe 26.3.2 BSI update exclusive to the MacBook Neo.