Apple Releases iOS 18.4.1 and Other Updates to Patch Major Security Flaws

Apple has rolled out a series of critical security updates across its platforms, including iOS 18.4.1, iPadOS 18.4.1, macOS 15.4.1, tvOS 18.4.1, and visionOS 2.4.1. While these updates are for different Apple devices, they all share a common goal: fixing vulnerabilities that could be used in real-world cyberattacks.

Key Vulnerability in CoreAudio

One of the patched flaws was found in CoreAudio, Apple's system for handling audio processing. This bug allowed attackers to craft malicious media files that, when played, could execute harmful code on a user's device.

The root cause was a memory corruption issue.

Apple resolved the flaw by implementing improved bounds checking, ensuring safer handling of audio data.

Pointer Authentication Bypass Fixed

Another serious issue affected Pointer Authentication, a security mechanism used in Apple's custom processors. The vulnerability allowed an attacker with arbitrary read/write access to bypass this protection, which could potentially lead to further device compromise.

Apple has since removed the vulnerable code to close this loophole.

Targeted Exploits and Urgent Recommendations

Apple warned that both vulnerabilities may have been exploited in highly targeted attacks against specific individuals using iOS devices. As a result, the company is urging all users to update their devices immediately to prevent potential exploitation.