Apple Releases Urgent Patches to Address Security Vulnerabilities in iOS and macOS

In response to targeted attacks, Apple has issued emergency updates for its operating systems, including iOS 18.4.1, iPadOS 18.4.1, and macOS 15.4.1. These updates are designed to eliminate two critical security vulnerabilities that have reportedly been exploited in sophisticated attacks against individual iPhone users.

According to Apple, the identified weaknesses allow attackers to execute extremely complex targeted assaults. Although specific details regarding these attacks remain undisclosed, such vulnerabilities are often associated with commercial spyware utilized by governmental entities to monitor selected individuals.

Notably, the recent patches also include an update for tvOS 18.4.1, which is applicable to Apple TV devices, and visionOS 2.4.1, relevant for the Vision Pro. However, Apple has not provided updates for older versions of iOS, iPadOS, and macOS, which may affect some users with legacy hardware. The availability of future updates for these older systems is currently uncertain. Previously, Apple had released security patches for iPadOS 17 and iOS 16, but it appears that no further updates will be issued for iOS 17, as all compatible devices can upgrade directly to iOS 18.

One of the critical vulnerabilities involves a memory management flaw in CoreAudio. This issue could allow an attacker to execute arbitrary code while an audio stream is being played through a manipulated media file. Security researchers from both Apple and Google are believed to have discovered this vulnerability, identified as CVE-2025-31200. The second vulnerability is more severe, as it grants attackers the ability to bypass the security feature known as Pointer Authentication Codes, which are integrated into Apple chips, thereby enabling them to run arbitrary code. Apple has addressed this issue by removing the problematic code from its systems.

In addition to these serious security patches, iOS 18.4.1 aims to resolve a connectivity issue affecting iPhones when attempting to connect to wireless CarPlay infotainment systems in certain vehicle models. According to Apple, this connectivity problem occurred infrequently.