iOS 26.5 Updates

If you're in the Apple 'ecosystem', the following blog has lots of Apple 'stuff' you may -- or may not -- want to take a look at...Jim H

Thoughtful, detailed coverage of everything Apple for over 30 years

18 May 2026

#1804: OS 26.5 encrypts RCS, fix Dictation mistakes with Contacts, iOS notification privacy fix, $250 million Siri settlement

Frustrated when Dictation fails to capitalize proper nouns or substitutes a contact’s name for a common word? Adam Engst shares a clever workaround using fake Contacts entries—and even zero-width Unicode spaces—to train Dictation across all your Apple devices. Last week brought us OS 26.5, which primarily gives iPhone users end-to-end encrypted RCS messaging for secure texting with Android users. Apple also extended a notification privacy fix to older iOS and iPadOS versions, addressing a bug that caused notifications to persist even after they were deleted. We link to coverage of Apple’s $250 million settlement over the delayed “more personalized” Siri, which could net eligible iPhone buyers $25–$95 per device. Notable Mac app releases this week include Bookends 15.4, ChronoSync 12.0.2, Microsoft Office for Mac 16.109, Safari 26.5, and Unite Pro 1.4.

Apple Extends Notification Privacy Fix to iOS 15, iOS 16, and iPadOS 17OS 26.5 Adds Encrypted RCS Messaging, Fixes BugsTipBITS: How Fake Contacts Can Fix Dictation’s Proper Noun ProblemsWatchlist: Mac App UpdatesBookends 15.4ChronoSync 12.0.2Microsoft Office for Mac 16.109Safari 26.5Unite Pro 1.4ExtraBITSApple Settles “More Personalized” Siri Delay Lawsuit for $250 Million

ADAM ENGST 13 May 20262 comments

Apple Extends Notification Privacy Fix to iOS 15, iOS 16, and iPadOS 17

In “iOS 26.4.2 and iOS 18.7.8 Address Notification Privacy Flaw Highlighted by FBI Case” (22 April 2026), I wrote about how Apple fixed a bug that caused notifications to be retained even when they should have been deleted. Apple has now extended that fix to older iOS and iPadOS versions, releasing iOS and iPadOS 15.8.8iOS and iPadOS 16.7.16, and iPadOS 17.7.11 (there’s no iOS 17 update because all iOS 17–capable iPhones can run iOS 18) with no other changes. Check Settings > General > Software Update to see which version you’re running and which update is available.

This privacy vulnerability is not something most people will worry about, but anyone who fears a government agency might seize their device and extract sensitive data can now rest easier. So if you have an older iPhone or iPad that can’t upgrade past one of those operating system versions, install the update at your convenience.

Join the discussion

ADAM ENGST 11 May 20261 comment

OS 26.5 Adds Encrypted RCS Messaging, Fixes Bugs

Apple has released iOS 26.5iPadOS 26.5, and watchOS 26.5 with a smattering of new features. macOS 26.5 TahoetvOS 26.5visionOS 26.5, and HomePod Software 26.5 contain only bug fixes, security updates, or performance and stability improvements.

The headline feature in iOS 26.5 is encrypted RCS messaging, which Apple is rolling out in beta for iPhone users on supported carriers. iPhones and iPads also gain Suggested Places in Maps, which Apple says displays recommendations based on “what’s trending nearby and your recent searches.” Forgive my skepticism, but this feature feels like a lead-in to ads in Maps, which absolutely no user has ever asked for.

iOS 26.5 and iPadOS 26.5 also introduce a new Pride Luminance wallpaper that “dynamically refracts a spectrum of colors” and is available for download. watchOS 26.5 adds a new Pride Luminance face that Apple describes in much the same way, and it fixes a bug where Messages could use SMS instead of iMessage when paired with a dual SIM iPhone, and another where Workout app audio alerts could fail to play if the paired iPhone wasn’t nearby. That’s it for the release notes.

End-to-End Encrypted RCS Messaging

One of iMessage’s claims to fame is that all messages are end-to-end encrypted, meaning no one, not even Apple, can decrypt them in transit or at rest. There is one caveat, though. When iCloud Backup and Messages in iCloud are both enabled, Apple controls the encryption key to the Messages backup and could be compelled to decrypt the messages, unless the user has turned on Advanced Data Protection (see “Apple’s Advanced Data Protection Gives You More Keys to iCloud Data,” 8 December 2022).

Regardless, iMessage is far more secure than traditional SMS, which lacks end-to-end encryption and relies on carrier infrastructure that can store, route, and forward messages. As the industry began replacing SMS with RCS (Rich Communication Services), interoperable end-to-end encryption was a notable omission. Google has offered encrypted RCS messaging between Android users in Google Messages for years, but until now, RCS conversations involving iPhone users could not be encrypted.

Apple is now rolling out a beta of end-to-end encrypted RCS messaging for iPhone users running iOS 26.5 with supported carriers and Android users on the latest version of Google Messages. Although the list of supported carriers is quite large, encrypted RCS also requires the latest version of Google Messages on Android—something many users may not have. You can tell if an RCS conversation is end-to-end encrypted by looking for a lock icon and message. Apple says that encryption is on by default and will automatically be enabled over time for existing RCS conversations.

Amusingly, Apple ends its announcement of encrypted RCS messaging with this dig:

iMessage was built with privacy in mind and has always been end-to-end encrypted. It remains the best way to communicate between Apple devices.

Apparently, someone at Apple wants to make sure that adding RCS encryption doesn’t imply that iPhone users should turn off iMessage and go about their lives as green-bubble friends. Frankly, that seems far-fetched, given the ingrained separation of blue and green bubble people.

Security Updates

As always, these updates include numerous fixes for security vulnerabilities, perhaps more than usual, and credit a somewhat higher-than-usual proportion of individual researchers. However, none are zero-day vulnerabilities that are being exploited in the wild. Apple also updated the previous versions of iOS and iPadOS, as well as the last two versions of macOS.

I’ve been curious if we would see an increase in the number of acknowledged fixes after Apple joined Anthropic’s Project Glasswing and gained access to the Claude Mythos AI model (see “What Anthropic’s Mythos and Project Glasswing Mean for Your Apple Devices,” 9 April 2026). There’s no specific mention of Mythos in the release notes, but for the first time, several CVEs (Common Vulnerabilities and Exposures, the standard system for cataloging security flaws) credit Claude and Anthropic. Subsequently, Calif.io posted about a macOS kernel memory corruption exploit developed with help from Mythos. We’ll look for Calif.io’s name in future security notes.

CVE-2026-28942: Milad Nasr and Nicholas Carlini with Claude, Anthropic

CVE-2026-28952: Calif.io in collaboration with Claude and Anthropic Research

Unfortunately, iOS 18.7.9 and iPadOS 18.7.9 are available only for the iPhone XS, iPhone XS Max, iPhone XR, and iPad 7th generation—Apple has rescinded the brief reprieve it gave other iOS 18 users who do not want to upgrade to iOS 26 (see “Apple Offers iOS 18.7.7 Security Update as Alternative to iOS 26.4 Upgrade,” 1 April 2026, and “iOS 26.4.2 and iOS 18.7.8 Address Notification Privacy Flaw Highlighted by FBI Case,” 22 April 2026).

Update Advice

The main reason to install these updates sooner rather than later is the security fixes. Encrypted RCS messaging is of course welcome, but since we haven’t had it until now, it’s hard to imagine a few more days without it causing anyone much hardship. So wait until the end of the week to make sure there are no unwelcome surprises that will prompt a quick fix from Apple, then install the updates.