Two significant security flaws that are being actively used in cyberattacks have prompted Apple to release iOS 18.4.1, a critical security update, and advise all iPhone owners to apply it right away. Malicious actors can run arbitrary code and access private information thanks to these flaws in the iPhone’s CoreAudio and Pointer Authentication systems.
Apple describes the CoreAudio assault as “an extremely sophisticated attack against specific targeted individuals on iOS” that, if an audio stream is processed in a “maliciously crafted media file,” might result in “code execution.”
Apple said, “We are aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on ios. This update provides important bug fixes and security updates, and addresses a rare issue that prevents wireless CarPlay connection in certain vehicles.”
2 critical vulnerabilities
Apple’s security update fixes two critical vulnerabilities that allowed hackers to access and exploit iPhone audio streams. These flaws were reportedly used to target specific individuals, including government officials and journalists. To address the issue, Apple patched a memory corruption problem, preventing potential widespread exploitation and protecting user security.
The second vulnerability involved Return Pointer Authentication Code (RPAC), a security feature designed to prevent attackers from manipulating code. Hackers exploited this flaw to bypass security measures, gaining read-and-write capabilities on affected devices, including iPads, Apple TVS, and MacBooks. The latest update has patched these vulnerabilities, fixing the issue and enhancing device security.
Key Updates:
– iOS 18.4.1: Fixes critical security flaws in CoreAudio and RPAC, protecting against sophisticated exploits and potential spyware attacks.
– iPadOS 18.4.1: Also addresses security vulnerabilities to ensure device protection.
– macOS Sequoia 15.4.1: Includes essential security updates to safeguard Mac devices.
– tvOS 18.4.1 and visionOS 2.4.1: Provide security patches for Apple TV and Vision Pro devices.
To update to iOS 18.4.1 or iPadOS 18.4.1:
- 1. Go to Settings
- 2. Tap General
- 3. Select Software Update
- 4. Follow the on-screen instructions to download and install the update.
Make sure your device is connected to a stable internet connection and has sufficient battery life or is plugged into a power source.
