Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed at specific iOS users.
The flaws, found in the CoreAudio and RPAC components, posed serious risks, including unauthorized code execution and the bypassing of critical security protections.
The first vulnerability, CVE-2025-31200, affects CoreAudio, a key system for handling audio streams on iOS and iPadOS devices.
Apple disclosed that processing a maliciously crafted media file could exploit a memory corruption flaw, potentially allowing attackers to run harmful code.
Apple and Google’s Threat Analysis Group confirmed reports of this issue’s use in targeted attacks, indicating a highly advanced operation.
The second issue, CVE-2025-31201, lies in RPAC, a security feature designed to thwart return-oriented programming attacks.
This flaw could enable an attacker with read and write access to disable Pointer Authentication, undermining a core defense mechanism.
The same targeted campaign also exploited this vulnerability, which Apple acknowledged and fixed by removing the problematic code.
The updates apply to a wide range of devices, including
Apple resolved the CoreAudio flaw through enhanced bounds checking and eliminated the RPAC vulnerability by excising the affected code.
Apple has not revealed specifics about the targets or perpetrators, but the precision and complexity of the attacks suggest involvement of advanced threat actors, possibly state-backed groups.
Zero-day vulnerabilities, which exploit unknown flaws, are typically deployed in high-stakes scenarios like espionage or attacks on prominent individuals. Cybersecurity experts warn that such threats, while rare, underscore the need for vigilance.
“These exploits are a stark reminder of how critical timely updates are,” said a cybersecurity analyst familiar with the issue. “Users must act quickly to secure their devices against these kinds of targeted threats.”
True to its security protocol, Apple withheld details of the vulnerabilities until fixes were ready, prioritizing user safety.
The company’s security release notes, issued on April 16, 2025, outline the vulnerabilities and affected devices. Additional details are available on the Apple Product Security page.
Users can update to iOS 18.4.1 or iPadOS 18.4.1 by navigating to Settings > General > Software Update.
Apple urges all eligible users to install the update immediately to protect against potential exploitation.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
A former information technology manager has filed a whistleblower lawsuit alleging a major security breach…
A federal jury in California has ordered Israeli spyware maker NSO Group to pay approximately…
The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations, particularly…
As artificial intelligence continues to reshape the technological landscape, tools like Snowflake’s CORTEX Search Service…
UNC3944, a financially-motivated threat actor also linked to the group known as Scattered Spider, has…
Cybersecurity researcher has uncovered a massive malware campaign targeting MacOS users through approximately 2,800 compromised…