The iPhone remains the most widely used smartphone in the United States and one of the most popular devices worldwide, with roughly 1.6 billion users globally. But a large share of those users is now facing a serious security risk.
In recent weeks, Apple has issued alerts about a major vulnerability that could affect nearly half of all iPhone users — around 800 million devices.
Last month, Apple revealed two critical flaws in WebKit, the browser engine behind Safari and all iOS browsers. According to the company, these weaknesses could be exploited in highly sophisticated, targeted attacks.
The flaws allow hackers to take control of an iPhone or iPad by luring users to malicious websites that can force the device to run harmful code. This could give attackers access to sensitive data, including passwords and payment information.
Apple has already released a fix, but many users have not installed it yet. Estimates suggest that about half of eligible iPhone owners have not upgraded to the latest software. That leaves roughly 800 million devices unprotected. Some analysts believe the number could be even higher, with more than a billion users still running outdated versions.
The devices most at risk include iPhone 11 and newer models, as well as several recent iPad Pro, iPad Air, iPad, and iPad mini generations.
Apple says the only effective way to stay safe is to update to the newest version of iOS, currently iOS 26.2. Older versions no longer receive security patches unless the device cannot support the latest system.
Security experts warn there is no workaround that meaningfully reduces the risk. Once vulnerabilities become public, attackers move fast — and delaying updates only increases exposure.
For users with automatic updates turned on, the fix may already be installed. Everyone else should update manually by opening Settings → General → Software Update and installing the latest version.