Apple has unveiled its new Background Security Improvement (BSI) update system, which aims to provide continuous security patches for recent versions of iOS, iPadOS, and macOS. This approach marks a shift from Apple’s previous strategy of frequent security updates.
The BSI updates are designed to address vulnerabilities in system components like the Safari browser, WebKit framework, and other core libraries. These lightweight security patches will be automatically installed in the background to bolster security between major software updates.
Apple’s first BSI update, released on March 17th, targeted iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2. The primary focus of this initial update was to address a specific vulnerability, CVE-2026-20643, related to a cross-origin issue in the Navigation API. Apple resolved the problem by enhancing input validation processes, mitigating the risk of maliciously crafted web content circumventing the Same Origin Policy.
Users have the option to manage automatic downloads of these BSI updates in the Settings of their iPhone or Mac devices.
Source: mint – technology