Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed at specific iOS users.
The flaws, found in the CoreAudio and RPAC components, posed serious risks, including unauthorized code execution and the bypassing of critical security protections.
The first vulnerability, CVE-2025-31200, affects CoreAudio, a key system for handling audio streams on iOS and iPadOS devices.
Apple disclosed that processing a maliciously crafted media file could exploit a memory corruption flaw, potentially allowing attackers to run harmful code.
Apple and Google’s Threat Analysis Group confirmed reports of this issue’s use in targeted attacks, indicating a highly advanced operation.
The second issue, CVE-2025-31201, lies in RPAC, a security feature designed to thwart return-oriented programming attacks.
This flaw could enable an attacker with read and write access to disable Pointer Authentication, undermining a core defense mechanism.
The same targeted campaign also exploited this vulnerability, which Apple acknowledged and fixed by removing the problematic code.
The updates apply to a wide range of devices, including
Apple resolved the CoreAudio flaw through enhanced bounds checking and eliminated the RPAC vulnerability by excising the affected code.
Apple has not revealed specifics about the targets or perpetrators, but the precision and complexity of the attacks suggest involvement of advanced threat actors, possibly state-backed groups.
Zero-day vulnerabilities, which exploit unknown flaws, are typically deployed in high-stakes scenarios like espionage or attacks on prominent individuals. Cybersecurity experts warn that such threats, while rare, underscore the need for vigilance.
“These exploits are a stark reminder of how critical timely updates are,” said a cybersecurity analyst familiar with the issue. “Users must act quickly to secure their devices against these kinds of targeted threats.”
True to its security protocol, Apple withheld details of the vulnerabilities until fixes were ready, prioritizing user safety.
The company’s security release notes, issued on April 16, 2025, outline the vulnerabilities and affected devices. Additional details are available on the Apple Product Security page.
Users can update to iOS 18.4.1 or iPadOS 18.4.1 by navigating to Settings > General > Software Update.
Apple urges all eligible users to install the update immediately to protect against potential exploitation.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…
A threat actor known as #LongNight has reportedly put up for sale remote code execution…
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…
Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…