Patch Your iPhone! iOS 18.4.1 Plugs Critical Security Flaws Exploited in ‘Extremely Sophisticated’ Attacks

Apple is offering out-of-band software updates to address two security flaws said to be exploited in targeted attacks.

A month after fixing a similarly nasty flaw exploited by threat actors, the Cupertino tech titan has discovered two more holes that need plugging to prevent attacks – believed to be actively unfolding in the wild.

The wording of Apple’s advisory makes it clear: users must prioritize this update!

‘Exploited in an extremely sophisticated attack’

The first issue listed in Apple’s advisory, tracked as CVE-2025-31200, is a weakness in CoreAudio where “processing an audio stream in a maliciously crafted media file may result in code execution.”

In plain English, the device can become infected with malware after playing a tainted audio file sent to the victim’s phone.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS,” the tech giant warns.

Apple discovered the flaw with the help of Google’s security team, which it credits in the notice.

The second issue, tracked as CVE-2025-31201 and discovered solely by Apple’s security people, is a vulnerability where “an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.”

Pointer Authentication prevents bugs, specifically memory bugs, from being exploited by bad actors.

Apple doesn’t go into the technicalities, only mentioning (for the second time in the same advisory) that it is “aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.”

Reading between the lines, users should make these updates a priority – especially people who believe they might be targeted.

Patch now!

iOS 18.4.1 is only the latest in a string of updates carrying the warning that threat actors are exploiting “extremely sophisticated” attack avenues to nefarious ends.

In March, the Cupertino tech mammoth issued iOS 18.3.2 to fix a nasty WebKit flaw said to be exploited in “extremely sophisticated attacks.”

Read: Patch Your iPhone! iOS 18.3.2 Fixes Nasty WebKit Flaw Exploited by Hackers in ‘Sophisticated Attacks’

A month earlier, Apple was rolling out iOS 18.3.1 to the masses as an emergency update addressing similar “extremely sophisticated” bypasses of its iOS safeguards.

Read: Apple Issues Emergency iOS 18.3.1 Update to Plug ‘Extremely Sophisticated’ Attack Vector on iPhones and iPads. Patch Now!

Also known as zero-day vulnerabilities, these critical weaknesses were already being exploited (or at the very least tentatively exploited) in the wild – before Apple caught wind of them.

Apple security weaknesses used in mercenary spyware attacks (surveillance)

In total, Apple has addressed five zero-day flaws this year, with security researchers warning that at least some of them have been used in mercenary spyware attacks.

In fact, “sophisticated” attacks exploiting lapses in Apple software have historically involved spyware.

Operators – typically working for an authoritarian regime – target activists, dissidents, political rivals, human rights advocates, investigative journalists and other high-profile people. Apple, Google, and Meta, Facebook’s parent company, have been fighting the threat for years.

Even if you’re not a high-risk person, you never know when you accidentally trip a wire and become a target. So it’s always a good idea to stay up to date with the latest security patches.

For peace of mind, run a dedicated security solution on all your personal devices. On iOS and macOS, keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might be targeting you.

As we note in our security guide for iPhone users, Apple’s proverbial walled garden has long been lauded for its robust security, thanks to a tightly controlled ecosystem, a strict app review process, and timely software patches. Yet, advanced cyber threats targeting Apple users – especially iPhone users – persist.

Read: 10 Cyberthreats iPhone Users Can’t Afford to Ignore in 2025

Fixes also extend to iPads, Macs, Apple TV, and Apple Vision

Since most Apple products share virtually the same underlying software, Apple is addressing the same two issues not just on iPhones, but also on iPads, Macs, the Apple TV media center and the Apple Vision headset.

As of today, users will want the following versions to stay on the safe side:

·      iOS 18.4.1 and iPadOS 18.4.1: for iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

·      macOS Sequoia 15.4.1: for all Mac models running macOS Sequoia

·      tvOS 18.4.1: for Apple TV HD and Apple TV 4K (all models)

·      visionOS 2.4.1: for Apple Vision Pro

You may also want to read:

WhatsApp Patches Zero-Click Spyware Attack Vector on Android

How to Protect Your WhatsApp from Hackers and Scammers – 8 Key Settings and Best Practices