On Wednesday, Apple pushed updates to most of its platforms: iOS 18.4.1, iPadOS 18.4.1, macOS 15.4.1, tvOS 18.4.1 and visionOS 2.4.1. They contain two security fixes for flaws that may have been used in real-world attacks, so it's wise to update your devices without too much delay.
Apple is aware of a report that both security issues "may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS."
One patched bug is in Apple's audio framework, CoreAudio. This memory corruption issue allowed malicious media files to execute code when processed as audio streams. The other relates to the Remote Participant Audio Control (RPAC) framework, which lets communications apps manage audio streams. That flaw allowed an attacker with arbitrary read / write capabilities to bypass Pointer Authentication (a security feature in Apple's processors).
Apple "strongly advises" all users to update their devices.
This article originally appeared on Engadget at https://www.engadget.com/mobile/smartphones/ios-1841-patches-two-iphone-security-flaws-used-in-extremely-sophisticated-attacks-194922877.html?src=rss https://www.engadget.com/mobile/smartphones/ios-1841-patches-two-iphone-security-flaws-used-in-extremely-sophisticated-attacks-194922877.html?src=rssLogin to add comment
Other posts in this group
Microsoft is dramatically increasing the price of the
Anyone rocking a recent-gen high-end GPU like an RTX
Apple has been warning possible victims of spyware attacks, according to several alleged recipients of the messages. At the time of writing there appears to be at least two people who have confirme
Apple has been ordered to pay a $502 million l
The BBC announced a new addition to its Maestro series of masterclasses, featuring its first posthumous teacher, Agatha Christie, presenting her writing tips in 4K video. The best-selling author of
