Urgent iPhone Security Update: iOS 18.4.1 Released
Urgent iPhone Security Update: iOS 18.4.1 Released to Patch Actively Exploited Flaws
Apple has released iOS 18.4.1, a critical security update addressing two actively exploited vulnerabilities in iPhones and iPads. The update, released April 16th, follows iOS 18.4 (which itself patched 62 vulnerabilities) and comes just two weeks after its predecessor. Apple notes that these flaws have been used in "extremely sophisticated attacks against specific targeted individuals," although the company does not specify the targets. However, independent security researcher Sean Wright recommends immediate updates, stressing the importance of the patch while noting that most users needn't panic.
The first vulnerability, CVE-2025-31200, resides within CoreAudio, Apple's digital audio infrastructure. A maliciously crafted audio file could lead to code execution, potentially allowing data theft or device compromise. This flaw was reported by both Apple and the Google Threat Analysis Group. The second vulnerability, CVE-2025-31201, affects RPAC (a security mechanism designed to prevent memory corruption exploitation). An attacker with arbitrary read and write capabilities could bypass this protection, potentially compromising the system. Both vulnerabilities have been described as having potentially been exploited in sophisticated attacks.
Apple has addressed CVE-2025-31200 through improved bounds checking and CVE-2025-31201 by removing the vulnerable code section. The update also resolves a bug causing wireless CarPlay connection issues in some vehicles.
This marks the fifth actively exploited zero-day vulnerability addressed by Apple this year. The company has provided minimal details about the flaws to prevent wider exploitation. The update is available for iPhone XS and later models, as well as select iPad models (iPad Pro 13-inch and 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later). There is no iOS 17 update for older iPhones, possibly because the older operating system isn't affected by the flaws, though Apple is no longer issuing security updates for users who can upgrade to iOS 18. To update, navigate to Settings > General > Software Update on your device and install iOS 18.4.1 immediately.
Apple has released iOS 18.4.1, a critical security update addressing two actively exploited vulnerabilities in iPhones and iPads. The update, released April 16th, follows iOS 18.4 (which itself patched 62 vulnerabilities) and comes just two weeks after its predecessor. Apple notes that these flaws have been used in "extremely sophisticated attacks against specific targeted individuals," although the company does not specify the targets. However, independent security researcher Sean Wright recommends immediate updates, stressing the importance of the patch while noting that most users needn't panic.
The first vulnerability, CVE-2025-31200, resides within CoreAudio, Apple's digital audio infrastructure. A maliciously crafted audio file could lead to code execution, potentially allowing data theft or device compromise. This flaw was reported by both Apple and the Google Threat Analysis Group. The second vulnerability, CVE-2025-31201, affects RPAC (a security mechanism designed to prevent memory corruption exploitation). An attacker with arbitrary read and write capabilities could bypass this protection, potentially compromising the system. Both vulnerabilities have been described as having potentially been exploited in sophisticated attacks.
Apple has addressed CVE-2025-31200 through improved bounds checking and CVE-2025-31201 by removing the vulnerable code section. The update also resolves a bug causing wireless CarPlay connection issues in some vehicles.
This marks the fifth actively exploited zero-day vulnerability addressed by Apple this year. The company has provided minimal details about the flaws to prevent wider exploitation. The update is available for iPhone XS and later models, as well as select iPad models (iPad Pro 13-inch and 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later). There is no iOS 17 update for older iPhones, possibly because the older operating system isn't affected by the flaws, though Apple is no longer issuing security updates for users who can upgrade to iOS 18. To update, navigate to Settings > General > Software Update on your device and install iOS 18.4.1 immediately.
