Apple(US:AAPL) Huan Qiu Wang Zi Xun·2026-01-11 04:13Core Insights - Apple has confirmed that a newly discovered high-risk zero-day vulnerability has been exploited by commercial spyware to successfully infiltrate multiple iPhone devices [1] - The company has adopted an unprecedented technical strategy for the fix, limiting security patches to devices running iOS 26, while ceasing support for devices on iOS 18, regardless of hardware compatibility [1] Group 1 - The decision to limit the security patch availability stems from Apple's in-depth assessment of the vulnerability exploitation chain [1] - The two zero-day vulnerabilities exploited involve the WebKit browser engine and iMessage processing core, enabling remote code execution and persistent presence, which can be used to deploy highly covert commercial spyware [1] - Apple released an urgent iOS 26.2 update before the holiday to address the vulnerabilities and simultaneously pushed a security notice to developers [1] Group 2 - User upgrade lag presents a significant challenge, with independent statistics indicating that the adoption rate of iOS 26 is far below historical levels [2] - As of early January 2026, only about 19% of active iPhone devices are running iOS 26, with some users resistant to the new "Liquid Glass" screen material and UI effects [2] - Users have expressed difficulties adapting to enhanced privacy tracking controls, notification aggregation logic, and background resource scheduling strategies in iOS 26 [2][3]