iOS 18.4.1 fixes two actively exploited vulnerabilities.
The iOS 18.4.1 update contains security fixes for vulnerabilities that may have been used in sophisticated attacks. Here’s why you should update.
On Wednesday, more than two weeks after the launch of iOS 18.4, Apple released iOS 18.4.1. Though the update itself is relatively minor, with only a CarPlay fix and no new features, the software includes two significant security patches.
Specifically, iOS 18.4.1 addresses a CoreAudio issue that enabled malicious code execution by processing a media file. Apple addressed the memory corruption issue by implementing improved bounds checking and gave the vulnerability the designation CVE-2025-31200.
The iPhone maker also resolved an RPAC issue with iOS 18.4.1, listed as CVE-2025-31201. Vulnerable code was removed from the operating system, making it so that attackers with arbitrary read and write access can no longer bypass Pointer Authentication.
For both of these vulnerabilities, Apple says it’s aware of reports that they may have been used in “extremely sophisticated” attacks against targeted individuals on iOS. Though the now-patched exploits only affected select individuals, Apple recommends that all iOS users install the iOS 18.4.1 update.
It’s important to keep your operating system up-to-date. Apple’s latest security fixes ensure that bad actors have a much more difficult time obtaining your private user data, on some occasions even patching actively used exploits, as was the case with Wednesday’s iOS 18.4.1 update.
