TheiOS 18.4.1update contains security fixes for vulnerabilities that may have been used in sophisticated attacks. Here’s why you should update.On Wednesday, more than two weeks afterthe launchof iOS 18.4, ApplereleasediOS 18.4.1. Though the update itself is relatively minor, with only aCarPlayfix and no new features, the software includes two significant security patches.Subscribe to AppleInsider on YouTubeSubscribe to AppleInsider on YouTubeSpecifically, iOS 18.4.1 addresses a CoreAudio issue that enabled malicious code execution by processing a media file. Apple addressed the memory corruption issue by implementing improved bounds checking and gave the vulnerability the designation CVE-2025-31200.TheiPhonemaker also resolved an RPAC issue with iOS 18.4.1,listed asCVE-2025-31201. Vulnerable code was removed from the operating system, making it so that attackers with arbitrary read and write access can no longer bypass Pointer Authentication.For both of these vulnerabilities, Apple says it’s aware of reports that they may have been used in “extremely sophisticated” attacks against targeted individuals oniOS. Though the now-patched exploits only affected select individuals, Apple recommends that all iOS users install the iOS 18.4.1 update.It’s important to keep your operating system up-to-date. Apple’s latestsecurity fixesensure that bad actors have a much more difficult time obtaining your private user data, on some occasionseven patchingactively used exploits, as was the case with Wednesday’s iOS 18.4.1 update.
On Wednesday, more than two weeks afterthe launchof iOS 18.4, ApplereleasediOS 18.4.1. Though the update itself is relatively minor, with only aCarPlayfix and no new features, the software includes two significant security patches.
Specifically, iOS 18.4.1 addresses a CoreAudio issue that enabled malicious code execution by processing a media file. Apple addressed the memory corruption issue by implementing improved bounds checking and gave the vulnerability the designation CVE-2025-31200.
TheiPhonemaker also resolved an RPAC issue with iOS 18.4.1,listed asCVE-2025-31201. Vulnerable code was removed from the operating system, making it so that attackers with arbitrary read and write access can no longer bypass Pointer Authentication.
For both of these vulnerabilities, Apple says it’s aware of reports that they may have been used in “extremely sophisticated” attacks against targeted individuals oniOS. Though the now-patched exploits only affected select individuals, Apple recommends that all iOS users install the iOS 18.4.1 update.
It’s important to keep your operating system up-to-date. Apple’s latestsecurity fixesensure that bad actors have a much more difficult time obtaining your private user data, on some occasionseven patchingactively used exploits, as was the case with Wednesday’s iOS 18.4.1 update.