• Home
  • iOS
  • iPadOS
  • News
  • Apple Releases iOS 18.4.1 – Brings Fixes for Actively Exploited Vulnerabilities, Smashes Other Bugs

Apple Releases iOS 18.4.1 – Brings Fixes for Actively Exploited Vulnerabilities, Smashes Other Bugs

- Apr 16, 2025
Apple Releases iOS 18.4.1 – Brings Fixes for Actively Exploited Vulnerabilities, Smashes Other Bugs

Apple today released iOS 18.4.1 and iPadOS 18.4.1, minor but important updates to the iOS 18 and iPadOS 18 operating systems for the iPhone and iPad, respectively.

The new software can be downloaded over-the-air on compatible iPhones and iPads, by going to “Settings” -> “General” -> “Software Update.”

The updates should be installed as soon as possible, as they include fixes for two major vulnerabilities, which means you should install the new software as soon as you can.

Apple says that these vulnerabilities may have been actively exploited in the wild, and that the security flaws were potentially used in an “extremely sophisticated attack against specific targeted individuals.”

CoreAudio

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Description: A memory corruption issue was addressed with improved bounds checking.

CVE-2025-31200: Apple and Google Threat Analysis Group

RPAC

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Description: This issue was addressed by removing the vulnerable code.

CVE-2025-31201: Apple

According to Apple’s release notes, the update also includes bug fixes and it addresses an issue that could cause wireless ‌CarPlay‌ not to work in select vehicles.

Topics
Share
Copyright MacTrast 2025.