Apple users urged to update devices immediately after sophisticated attack

Apple has released iOS 18.4.1 and it comes with a warning to update your iPhone now. That’s because iOS 18.4.1 fixes two iPhone security flaws, both of which are being used in real-life attacks.

Apple doesn’t provide a lot of detail about what’s fixed in iOS 18.4.1, because the iPhone maker wants to give people as much time to update before more attackers can get hold of the details.

The first flaw fixed in iOS 18.4.1 is an issue in the iPhone’s CoreAudio tracked as CVE-2025-31200 and reported by Apple and the Google Threat Analysis Group. Processing an audio stream in a maliciously crafted media file may result in code execution, Apple warned on its support page.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS,” the iPhone maker added.

The second bug patched in iOS 18.4.1 is a flaw in RPAC tracked as CVE-2025-31201 and reported by Apple. The vulnerability could allow an attacker with arbitrary read and write capability to bypass Pointer Authentication, Apple said, adding that the issue may also have been exploited in an “extremely sophisticated attack.”

The iOS 18.4.1 update comes just two weeks after the release of iOS 18.4, which itself patched 62 vulnerabilities, highlighting the importance of the latest upgrade.

In March, Apple again addressed an already-exploited flaw in the iOS 18.3.2 update.

Why You Should Update Now To iOS 18.4.1

Apple’s iOS 18.4.1 is an emergency security update that comes in between major point upgrades, ahead of iOS 18.5’s arrival in May. There is no iOS 17 update for older iPhones, perhaps because the operating system is not affected by this flaw. However, Apple is no longer issuing security updates to iOS 17 users that are able to upgrade to iOS 18.

The flaws have been fixed in a smaller iPhone update — and there is an indication that they’re being actively exploited. This highlights the importance of this update, says independent security researcher Sean Wright. “As a result I would recommend people update as soon as possible,” he says, adding that there “is no need to panic in most cases.”

Ineed, despite the urgency of the iOS 18.4.1 upgrade, Apple said the flaws fixed in iOS 18.4.1 were used in targeted attacks. These are likely against journalists, dissidents, government officials and businesses in certain sectors. Yet if attackers get hold of the details, they can use the flaws more widely.

Apple’s iOS 18.4.1 also addresses several bugs, including one that prevents wireless CarPlay connection in certain vehicles.

The iOS 18.4.1 update is available for the iPhone XS and later, iPad Pro 13-inch, iPad Pro 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.

So what are you waiting for? Go to your iPhone Settings > General > Software Update and download and install iOS 18.4.1 now.

Source: Forbes
--Agencies