Apple has released a critical security update, iOS 18.4.1, urging all iPhone users to install it immediately due to two serious security vulnerabilities that are being actively exploited in cyberattacks. These vulnerabilities affect the iPhone's CoreAudio and Pointer Authentication systems, allowing malicious actors to execute arbitrary code and access sensitive data.
The attack on the CoreAudio is detailed by Apple as being "an extremely sophisticated attack against against specific targeted individuals on iOS' and could see 'code execution' occur if an audio stream is processed in a 'maliciously crafted media file'.
Apple said, "We are aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on ios. This update provides important bug fixes and security updates, and addresses a rare issue that prevents wireless CarPlay connection in certain vehicles."
2 critical vulnerabilities
Apple's security update fixes two critical vulnerabilities that allowed hackers to access and exploit iPhone audio streams. These flaws were reportedly used to target specific individuals, including government officials and journalists. To address the issue, Apple patched a memory corruption problem, preventing potential widespread exploitation and protecting user security.
The second vulnerability involved Return Pointer Authentication Code (RPAC), a security feature designed to prevent attackers from manipulating code. Hackers exploited this flaw to bypass security measures, gaining read-and-write capabilities on affected devices, including iPads, Apple TVS, and MacBooks. The latest update has patched these vulnerabilities, fixing the issue and enhancing device security.
Key Updates:
- iOS 18.4.1: Fixes critical security flaws in CoreAudio and RPAC, protecting against sophisticated exploits and potential spyware attacks.
- iPadOS 18.4.1: Also addresses security vulnerabilities to ensure device protection.
- macOS Sequoia 15.4.1: Includes essential security updates to safeguard Mac devices.
- tvOS 18.4.1 and visionOS 2.4.1: Provide security patches for Apple TV and Vision Pro devices.
To update to iOS 18.4.1 or iPadOS 18.4.1:
- 1. Go to Settings
- 2. Tap General
- 3. Select Software Update
- 4. Follow the on-screen instructions to download and install the update.
Make sure your device is connected to a stable internet connection and has sufficient battery life or is plugged into a power source.
