Apple confirms that Stolen Device Protection will be enabled by default for enterprise devices updating from iOS 26.4 to iOS 26.4.1, and from iPadOS 26.4 to iPadOS 26.4.1. Here are the details.
iOS 26.4 had already enabled the feature by default on non-enterprise devices
Earlier today, Apple released iOS 26.4.1 and iPadOS 26.4.1, with its release notes containing the standard This update provides bug fixes for your iPhone.” information.
It wasn’t long before some developers noted that the release fixed a CloudKit bug that had been breaking iCloud data syncing.
Now, Apple has updated its “What’s new for enterprise in iOS 26” support page, confirming yet another change:
iOS 26.4.1
Stolen Device Protection will be automatically enabled on devices that update from iOS 26.4 to iOS 26.4.1.
Likewise, Apple updated the “What’s new for enterprise in iPadOS 26” with the same information regarding iPadOS 26.4.1.
Apple continues to tighten security on its devices
Today’s move follows Apple’s decision to enable Stolen Device Protection by default for non-enterprise devices on iOS 26.4.
This feature, originally launched in 2024, adds extra security layers to sensitive actions when an iPhone is away from familiar locations, requiring biometric authentication for things like accessing saved passwords, or changing account settings. It also introduces a delay for certain high-risk changes to prevent unauthorized access.
Here’s Apple on how the feature works:
With Stolen Device Protection, some features and actions have additional security requirements when your iPhone is away from familiar locations such as home or work. These requirements help prevent someone who has stolen your iPhone and knows your passcode from making critical changes to your account or device.
- Face ID or Touch ID biometric authentication: Some actions such as accessing stored passwords and credit cards require a biometric authentication with Face ID or Touch ID — with no passcode alternative or fallback — so that only you can access these features.
- Security Delay: Some security actions such as changing your Apple Account password also require you to wait an hour and then perform an additional Face ID or Touch ID authentication.
Today’s update also follows a busy stretch for iOS security. After the discovery of the Coruna and DarkSword exploits, Apple released updates across both older and current versions of iOS and iPadOS to address the vulnerabilities.
Additionally, the decision comes just a day after Anthropic announced that its new model, Mythos, is particularly powerful at finding security flaws in operating systems and browsers.
In fact, Anthropic contacted multiple companies ahead of time, Apple included, and offered them $100 million in usage credits for Mythos to help identify and fix security vulnerabilities before they could be exploited.
While the company’s decision to enable Stolen Device Protection by default on enterprise devices with iOS 26.4.1 doesn’t appear to be linked to Coruna, DarkSword, or the impact of Mythos, it does reflect Apple’s ongoing efforts to offer stronger protections for its users.
To learn more about Stolen Device Protection, follow this link.
Worth checking out on Amazon
FTC: We use income earning auto affiliate links. More.
