Update Your iPhone to Protect Against These Two Actively-Exploited Vulnerabilities
iOS 18.4.1 is the latest iPhone update.
Last week, Apple released a minor software update for iPhone: iOS 18.4.1. This update doesn’t bring new features to your iPhone. In fact, after you install it, your iPhone should look and feel exactly the same. But under the surface, the update actually patches two security vulnerabilities that bad actors have already actively exploited.
The first flaw, CVE-2025-31200, is a memory corruption issue affecting iOS’ CoreAudio API. With this flaw in place, a bad actor can create a malicious file containing an audio stream for an iPhone to process. When it does, the bad actor can then execute code on the device. The second flaw, CVE-2025-31201, allows bad actors to bypass Apple’s Pointer Authentication, which Apple addressed by removing the vulnerable code from iOS.
While all security flaws are important to patch, these two are particularly concerning. According to Apple, these flaws, “may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.” That likely refers to serious cyberattacks against high-profile individuals, such as politicians and journalists.
Still, even if the known attacks are isolated to these types of targets, all iPhones users should install the update as soon as possible. As a matter of fact, Apple released complimentary updates for many of its devices, including iPad, Mac, Apple TV, and Vision Pro. If you have any of these, you should install the latest update to protect it against these two vulnerabilities—and the bad actors who may exploit them.
To install the update on most devices, open the Settings app, then choose “General -> Software Update.” From here, follow the instructions to download and install the latest update.
Share This
Thanks for the insight! I appreciate your opinions on these subjects. Cheers!