Apple has released an urgent security update for iOS 26.3.1 and other OSes. See About the security content of Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2.

Unfortunately it does not show up in Settings → General → Software Update! And I saw no notification about it either.

Users apparently need to find the Settings → Privacy & Security → Background Security Improvements setting and manually install the update (requiring a reboot in this case). And note that the Automatically Install setting is turned ON on my device. Apparently that doesn't do anything though. (The update was released on March 17, 2026 and I checked on March 20. So for 3 days the automatic update did not happen.)

So I predict that only a few users will actually find and install the important security fix.

Nice going Apple!

Update: On one Apple iPad running iPadOS 26.3.1 the security update appears to have installed automatically. So that seems to sometimes work? Still, from a user interface perspective it makes no sense to split of the UI for installing background security updates from the normal Software Update UI.

Update #2: On March 24, 2026, only a week later, iOS/iPadOS/macOS 26.4 where released. Thus for this specific case the issue is effectively moot. However the point of the security update was to get a fix for an issue out to the devices as soon as possible. And hiding the mechanism for installing such fixes is counterproductive.