Apple has released iOS 18.4.1, along with updates for iPadOS, macOS Sequoia, tvOS, and visionOS, to address significant security vulnerabilities that have been actively exploited in the wild.
These vulnerabilities, CVE-2025-31200 and CVE-2025-31201, were part of what Apple calls "extremely sophisticated attacks" against persons.
CVE-2025-31200, rated 7.5 on the CVSS scale, is a memory corruption vulnerability in Apple's Core Audio framework. It could allow attackers to execute arbitrary code simply by convincing a victim to open a maliciously crafted media file. Apple addressed the issue by improving bounds checking. The ability was reported jointly by Apple's and Google's Threat Analysis Group (TAG).
The second weakness, CVE-2025-31201 (CVSS: 6.8), affects Apple's RPAC security mechanism. An attacker with arbitrary read and write capabilities could bypass pointer authentication, an essential protection against memory corruption exploits. Apple mitigated the issue by removing the vulnerable section of code entirely.
These flaws aren't theoretical risks. Apple confirmed that both had been used as weapons in real-world attacks. Even though the victims were specifically targeted, Apple urges all users to update immediately to protect themselves from potential dangers.
Apple has corrected a total of five zero-day vulnerabilities in 2025. Earlier issues include CVE-2025-24085, CVE-2025-24200, and CVE-2025-24201, which address issues ranging from privilege escalation to bypassing USB Restricted Mode.
The latest updates are available for a wide range of devices:
- iOS/iPadOS 18.4.1: iPhone XS and later, various iPad models from the 7th generation onward
- macOS Sequoia 15.4.1: All supported Macs
- tvOS 18.4.1: Apple TV HD and all Apple TV 4K models
- visionOS 2.4.1: Apple Vision Pro
Users can download the update by navigating to Settings > General > Software Update and following the on-screen instructions.
You may not be the specific target of these sophisticated attacks, but updating immediately ensures that your devices are equipped with the most recent security measures.