Apple has released iOS 18.4.1, which is a critical security update. It urges all iPhone users to install it immediately to address two actively exploited vulnerabilities in the CoreAudio and Pointer Authentication systems.
Announced on April 19, 2025, this update addresses vulnerabilities that allowed hackers to execute arbitrary code and access sensitive data, posing significant risks to targeted individuals such as government officials and journalists.
iPhone Critical Vulnerabilities
The first vulnerability, in CoreAudio, enabled “extremely sophisticated” cyberattacks through maliciously crafted media files, potentially leading to code execution. Apple confirmed reports of exploitation targeting specific iOS users, as detailed in its security advisory. The second flaw, in Return Pointer Authentication Code (RPAC), allowed hackers to bypass security measures, gaining read-and-write access on devices like iPhones, iPads, Apple TVs, and MacBooks. Both issues have been fixed, with iOS 18.4.1 addressing memory corruption and enhancing protections.
The update extends to:
- iPadOS 18.4.1: Secures iPads against the same vulnerabilities.
- macOS Sequoia 15.4.1: Safeguards Mac devices.
- tvOS 18.4.1 and visionOS 2.4.1: Protects Apple TV and Vision Pro.
Apple also resolved a minor CarPlay connectivity issue, ensuring broader device functionality, as TechCrunch noted.
How to Update
To install iOS 18.4.1 or iPadOS 18.4.1:
- Open Settings.
- Tap General.
- Select Software Update.
- Follow the on-screen instructions to download and install.
Ensure a stable internet connection and sufficient battery or a power source. The update is crucial to prevent spyware and other cyberattacks, with X posts like “Update your iPhone now!” reflecting urgency, though sentiment remains inconclusive without wider consensus.
Read: Apple Airlifted $2B in iPhones to US to Dodge Trump Tariffs
The vulnerabilities exploited in targeted attacks highlight the growing sophistication of cyber threats, particularly against high-profile individuals. Apple’s swift response, patching both flaws, reinforces its commitment to user security, as emphasised in its advisory.
The update’s broad application across devices underscores the scale of the risk, with The Verge noting potential spyware concerns. As Apple faces increasing scrutiny over device safety, iOS 18.4.1 is critical in maintaining trust.
