
Apple’s latest iPhone update fixes two zero-day security flaws exploited in targeted attacks


In a nutshell: Apple released iOS 18.4.1 this week with patches for two critical iPhone security flaws, both of which were being exploited in the wild. The update also contains important bug fixes, including one for an annoying CarPlay glitch that caused random connection issues and other problems.

The first security vulnerability addressed in the latest update is in CoreAudio, tracked as CVE-2025-31200. According to Apple’s security bulletin, it allowed for code execution when processing an audio stream in a maliciously crafted media file. The vulnerability is described as a memory corruption issue that was fixed with improved bounds checking.

Apple says it has received reports that this bug was exploited in an “extremely sophisticated attack against specific targeted individuals on iOS,” but did not divulge further details or how it was exploited to target unsuspecting users. The vulnerability was detected by Apple and the Google Threat Analysis Group.

The second security flaw, tracked as CVE-2025-31201, is in RPAC and was reported by Apple. The bug could allow an attacker with arbitrary read and write capability to bypass Pointer Authentication in some cases. Like the first bug, this vulnerability was exploited in targeted attacks against specific iPhone users. It was fixed by removing the faulty code.

Devices impacted by these two vulnerabilities include iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, iPad mini 5th generation and later, Mac models running macOS Sequoia, Apple TV HD and Apple TV 4K (all models), and Apple Vision Pro.

The bugs were fixed in iOS 18.4.1, iPadOS 18.4.1, tvOS 18.4.1, macOS Sequoia 15.4.1, and visionOS 2.4.1. Apple is advising all users to install the latest updates on their devices as soon as possible to protect themselves from potential attacks.

Apart from the security patches, iOS 18.4.1 also includes a fix for a CarPlay bug that resulted in random connection problems. Some users claimed that their CarPlay connection suddenly became unstable following the iOS 18.4 update, resulting in frequent disconnections. Others reported that they were getting a blank CarPlay screen and were unable to use the software at all.

Apple says it has now fixed the issue for good, so users will hopefully be able to use CarPlay seamlessly in their vehicles once again.


