Update Now: iOS 18.4.1 and macOS Sequoia 15.4.1 Address Actively Exploited Vulnerabilities

by

The iOS 18.4.1, iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, and visionOS 2.4.1 updates that Apple released today include fixes for two major vulnerabilities, which means you should install the new software as soon as you can.

bug security vulnerability issue fix larry
According to Apple, it is aware of reports that these vulnerabilities may have been actively exploited in the wild. Apple says that the security flaws were potentially used in an "extremely sophisticated attack against specific targeted individuals."

One of the issues impacts CoreAudio, and involves a maliciously crafted audio file. Processing the audio stream in the media file could result in code execution. Apple fixed the memory corruption issue with improved bounds checking.

The other vulnerability affected pointer authentication code, and an attacker with arbitrary read and write capability could bypass the Pointer Authentication features that prevent memory from being tampered with. Apple removed the vulnerable code to prevent the exploit from working.

All of the updates are available today, and focus primarily on the security fixes. iOS 18.4.1 also addresses an issue that could prevent some wireless CarPlay setups from working properly in select vehicles.

Related Roundups: iOS 18, iPadOS 18, macOS Sequoia
Related Forums: iOS 18, iPadOS 18, macOS Sequoia

Popular Stories

iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article56 comments
xiaomi apple ad india

Apple and Samsung Push Back Against Xiaomi's Bold India Ads

Friday August 29, 2025 4:54 am PDT by
Apple and Samsung have reportedly issued cease-and-desist notices to Xiaomi in India for an ad campaign that directly compares the rivals' devices to Xiaomi's products. The two companies have threatened the Chinese vendor with legal action, calling the ads "disparaging." Ads have appeared in local print media and on social media that take pot shots at the competitors' premium offerings. One...
Read Full Article200 comments
crossbody strap

iPhone 17's 'Crossbody Strap' Accessory to Feature Magnetic Design

Thursday August 28, 2025 7:49 am PDT by
Apple's cases for the iPhone 17 lineup will be accompanied by a new Crossbody Strap accessory with a unique magnetic design, according to the leaker known as "Majin Bu." Apple's Crossbody Strap reportedly features an unusual magnetic design; it likely has a "flexible metal core" that makes it magnetic along its entire length. At the ends, "rings polarized oppositely to the strap close the...
Read Full Article109 comments
Awe Dropping Apple Event Feature

Five Things to Expect From Apple's 'Awe Dropping' September 9 Event

Tuesday August 26, 2025 4:17 pm PDT by
Apple today announced its "Awe Dropping" iPhone-centric event, which is set to take place on Tuesday, September 9 at 10:00 a.m. Pacific Time. There are a long list of products that are coming, but we thought we'd pull out five feature highlights to look forward to. That Super Thin iPhone - Apple's September 9 event will see the unveiling of the first redesigned iPhone we've had in years, ...
Read Full Article114 comments

Top Rated Comments

Havoc035 Avatar
Havoc035
20 weeks ago

Instead of 'this affected only a small amount/handful of users' they changed their text to sophisticated attacks against specific individuals. Classic Apple Marketing.
Sure, but this description is also arguably better for describing state sponsored targeted attacks.
Score: 14 Votes (Like | Disagree)
VictoryHighway Avatar
VictoryHighway
20 weeks ago

I hope some day this type of updates are released as a “rapid security response”
Yeah. Whatever happened to those?
Score: 13 Votes (Like | Disagree)
rictus007 Avatar
rictus007
20 weeks ago
I hope some day this type of updates are released as a “rapid security response”
Score: 12 Votes (Like | Disagree)
hoodafoo Avatar
hoodafoo
20 weeks ago

Has anyone actually ever been hacked? Still rolling on 16.7.2 on my 14 pro…. You don’t ever see any horror stories of people having their iPhone hacked because they didn’t update. At least I haven’t.
It just means you're not important
Score: 9 Votes (Like | Disagree)
jz0309 Avatar
jz0309
20 weeks ago
Obliged.
I like security and bug fixes
Score: 9 Votes (Like | Disagree)
jayducharme Avatar
jayducharme
20 weeks ago
Weird: after the update, I'm no longer receiving 2-factor authentication texts. I tried rebooting, but no luck. I'm still getting regular messages though.

Never mind. I'm a dope. After the last power-down I forgot to turn my iPhone back on. Everything's working fine.
Score: 6 Votes (Like | Disagree)
Read All Comments