2 weeks Ago By Priya Singh
Apple has rolled out a critical security update, iOS 18.4.1, urging all iPhone users to install it immediately to protect against two actively exploited vulnerabilities.
These flaws, found in the CoreAudio and Pointer Authentication systems, could allow attackers to execute arbitrary code and access sensitive user data. Apple described the CoreAudio exploit as an “extremely sophisticated attack” targeting specific individuals, where simply processing a malicious audio file could trigger code execution. ⚠️ Security alert: iOS 18.
4.1 patches active zero-days 🔐📱 U.S.
gov’t agencies must update by May 8 — but everyone should act now. 🛡️ Shields up for iPhone users 🚨 2 exploited vulnerabilities ⏰ No time to wait #iOSUpdate #CyberSecurity #ZeroDay https://t.co/L742Y1PMfH — Brian Greenberg (@bjgreenberg) April 20, 2025 In an official statement, Apple noted, “We are aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on ios.
This update provides important bug fixes and security updates, and addresses a rare issue that prevents wireless CarPlay connection in certain vehicles." ALSO SEE: Upcoming WhatsApp Feature May Let Users Translate Messages Instantly Apple’s latest security update addresses two severe vulnerabilities that allowed hackers to exploit iPhone audio streams, reportedly targeting high-profile individuals such as government officials and journalists. One of the flaws stemmed from a memory corruption issue, which Apple has now patched to prevent potential large-scale attacks and reinforce user privacy.
🚨 Apple Alert: iOS 18.4.1 is out with urgent security fixes! Two zero-day vulnerabilities were actively exploited in highly targeted attacks.
If you’re using an iPhone or iPad—update now. https://t.co/tkNWXTzmq6 🛡️🔒 #Apple #iOSUpdate #CyberSecurity #ZeroDay pic.
twitter.com/zYdsy0G2Xk — HOSA INFO SEC (@Hosainfosec) April 17, 2025 The second vulnerability affected the Return Pointer Authentication Code (RPAC), a key security feature meant to block unauthorized code execution. Hackers used this flaw to bypass protections and gain read-and-write access to various Apple devices, including iPads, Apple TVs, and MacBooks.
With the new update, Apple has closed these loopholes, significantly strengthening the security of its ecosystem. What To Do Next? Apple has released iOS 18.4.
1, iPadOS 18.4.1, macOS Sequoia 15.
4.1, tvOS 18.4.
1, and visionOS 2.4.1 to address critical security vulnerabilities across its devices.
These updates fix serious flaws in CoreAudio and RPAC, protecting users from sophisticated exploits and potential spyware threats. The patches apply not only to iPhones and iPads but also to MacBooks, Apple TVs, and Vision Pro devices, enhancing security across Apple’s ecosystem. To install iOS 18.
4.1 or iPadOS 18.4.
1, users should navigate to Settings > General > Software Update, then follow the on-screen instructions to download and install the update. Apple advises ensuring a stable internet connection and keeping the device charged or plugged in during the process to avoid interruptions..
