Business NewsTechnologyHaven’t Updated Your iPhone or iPad? ‘Extremely Sophisticated Attacks’ Might Target Your Apple Device
ADVERTISEMENT

Haven’t Updated Your iPhone or iPad? ‘Extremely Sophisticated Attacks’ Might Target Your Apple Device

As part of iOS 18.4.1 and iPadOS 18.4.1, a new set of emergency security upgrades has been released by Apple to address two zero-day vulnerabilities.

18 Apr 2025, 07:16 PM IST i
NDTV Profit
NDTV Profit
<div class="paragraphs"><p>As part of iOS 18.4.1 and iPadOS 18.4.1, a new set of emergency security upgrades has been released by Apple to address two zero-day vulnerabilities. (Source: Apple)</p></div>
As part of iOS 18.4.1 and iPadOS 18.4.1, a new set of emergency security upgrades has been released by Apple to address two zero-day vulnerabilities. (Source: Apple)

If you’ve been receiving security notifications recently to update your iPhone or iPad devices and you’ve been sleeping on it—don’t anymore—and update your favourite Apple device right away. That’s because your Apple iPhone or iPad might be vulnerable to extremely sophisticated attacks, according to Apple.

As part of iOS 18.4.1 and iPadOS 18.4.1, a new set of emergency security upgrades has been released by Apple to address two zero-day vulnerabilities. Apple has reportedly fixed these newly found vulnerabilities after realising they might have been used in an “extremely sophisticated attack”. The company added in a security alert that specific individuals on iOS were targeted.

The security patch comes on the heels of a major update early in April that reportedly fixed over 180 security vulnerabilities in iOS, iPadOS, and macOS.

What Vulnerabilities Do iOS 18.4.1, iPadOS 18.4.1 Address?

CoreAudio (CVE-2025-31200)

This vulnerability may cause a maliciously crafted media file to execute code when a user processes an audio stream. Apple said this issue may have been exploited in an extremely sophisticated attack against individuals on iOS. The memory corruption issue was addressed with improved bounds checking.

The update is available for the following devices:

  • iPhone XS and later.

  • iPad Pro 13-inch.

  • iPad Pro 13.9-inch, 3rd generation and later.

  • iPad Pro 11-inch, 1st generation and later.

  • iPad Air 3rd generation and later.

  • iPad 7th generation and later.

  • iPad mini 5th generation and later.

RPAC (CVE-2025-31201)

This vulnerability allows an attacker with arbitrary read and write capability to bypass pointer authentication. Like the earlier one, this vulnerability was also used in targeted attacks on iOS users. Apple addressed the issue by removing the vulnerable code.

The update is available for the following devices:

  • iPhone XS and later.

  • iPad Pro 13-inch, iPad Pro 13.9-inch 3rd generation and later.

  • iPad Pro 11-inch, 1st generation and later.

  • iPad Air 3rd generation and later.

  • iPad 7th generation and later.

  • iPad mini 5th generation and later.

Watch LIVE TV, Get Stock Market Updates, Top Business, IPO and Latest News on NDTV Profit.
OUR NEWSLETTERS
By signing up you agree to the Terms & Conditions of NDTV Profit
ADVERTISEMENT