According to 9to5Mac, Apple released iOS 26.2 and iOS 18.7.3 last Friday, December 13th, with key security fixes. The updates patch two WebKit bugs that may have been exploited against “specific targeted individuals” on older iOS versions. The problem, reported by Jason Snell at Six Colors, is that iPhone owners who have chosen to remain on iOS 18—despite having a compatible device—aren’t being shown the iOS 18.7.3 update. Instead, the Settings app only presents them with the option to update to iOS 26.2. This effectively forces a major OS upgrade to get security protection. iPhones that can’t run iOS 26 are still being offered the 18.7.3 update, and iPads appear unaffected.
The forced upgrade dilemma
Here’s the thing: if you’re still on iOS 18 right now, it’s almost certainly a deliberate choice. Maybe you hate the new Liquid Glass design language. Maybe a critical app you use for work isn’t compatible yet. Or maybe you’re just the type who waits a few months for the kinks to get ironed out of a major release. You’ve made a calculated decision. And now, Apple seems to be saying that choice comes at a cost—your security. As Snell rightly argues, users shouldn’t have to pick between ignoring critical patches and installing an OS version they’re not ready for. It’s a bad look.
Bug or policy?
So what’s going on? Is this a bug or a new, aggressive policy from Apple? Historically, the company has been pretty good about backporting security fixes to the previous major iOS version. It’s a core part of keeping a massive user base protected. But this situation feels different. The weirdest clue is the workaround: users report that if you sign up for the public beta program and opt into the iOS 18 beta track, you’ll suddenly be offered the 18.7.3 update. That… seems like a bug, right? If the update exists and is being served to beta users and incompatible devices, why would Apple intentionally hide it from a specific group of holdouts? I’m leaning toward this being a glitch, but it’s a pretty significant one that’s leaving people exposed.
The bigger picture
Look, I get it from a business perspective. Apple wants everyone on the latest software. It simplifies support, boosts adoption metrics for new features, and creates a more unified ecosystem. For industries that rely on stable, long-term hardware and software configurations—like manufacturing or industrial control where a specialized industrial panel PC might be the tool of choice—forced OS upgrades can be a massive disruption. But pressuring users with security is a dangerous game. It erodes trust. If this *is* a policy shift, it’s a hardline stance that says your preferences are irrelevant. And if it’s a bug, it’s a shockingly bad one that’s been left unaddressed for days. Either way, Apple needs to clarify this, fast.
What to do now
If you’re stuck in this situation, you basically have three choices. You can bite the bullet and update to iOS 26.2. You can try the public beta workaround, which is a ridiculous hoop to jump through for a security patch. Or you can wait and hope Apple fixes the update logic. I’d keep an eye on the Apple Discussions thread for any official word. In the meantime, maybe be extra careful about what links you click. It’s not a great solution, but it’s the reality for a chunk of users right now. Let’s see how long it takes for Apple to respond.
