Apple has already highlighted the importance of updating to iOS 18.4.1, the emergency iPhone upgrade issued just days ago. But now the U.S. government is also warning about the two vulnerabilities fixed in iOS 18.4.1 — both of which are being exploited in real-life attacks.
Government agency the Cybersecurity and Infrastructure Security Agency has added both the flaws fixed in iOS 18.4.1 to its Known Exploited Vulnerabilities Catalog. In simple terms, this is an index of issues known to be used in real-life attacks that could be a risk to government agencies, businesses and individuals alike.
CISA is also giving government agencies a deadline of May. 8 to update to iOS 18.4.1, to ensure the security of iPhones and other Apple devices being used in these scenarios.
The iOS 18.4.1 deadline is specifically for government agencies, but the agency advises businesses to use it as a benchmark too — and so should individuals who could be at risk from iPhone attacks.
The Flaws Patched In The iOS 18.4.1 iPhone Update
Apple’s iOS 18.4.1 fixes two flaws that affect iPhones running operating system versions of iOS 18.4 or earlier. In case you are wondering, that’s the version before iOS 18.4.1.
The first is CVE-2025-31200, a memory corruption vulnerability that affects multiple Apple products. If exploited in attacks, the flaw fixed in iOS 18.4.1 could allow an adversary to execute code on your device. “Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file,” CISA said in its advisory.
MORE FOR YOU
New Gmail Warning — Do Not Open This Email From Google
WWE WrestleMania 41 Results, Winners And Grades On Night 2
NYT Mini Crossword Hints, Clues And Answers For Monday, April 21
The agency advises “applying mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”
The second flaw patched in iOS 18.4.1, CVE-2025-31201, is an arbitrary read and write vulnerability. “Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication,” CISA warned.
Pointer Authentication is a security mechanism designed to resist memory disclosure attacks, says Adam Boynton, senior security strategy manager EMEIA at Jamf told me. “Bypassing it gives an attacker the opportunity to launch attacks and access to parts of the device’s memory.”
Again, CISA is advising organizations to “apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”
Update To iOS 18.4.1 To Keep Your iPhone Secure
Apple says the flaws fixed in iOS 18.4.1 were used in targeted attacks on iOS devices. Some have speculated that these could have involved spyware, a type of malware that allows adversaries to see and hear everything you do on your device.
The issues fixed in iOS 18.4.1 were likely targeted against journalists, government officials, dissidents and businesses in certain sectors. However, once the flaws’ details are out there — as they are now the iOS 18.4.1 fixes have arrived — more attackers could use them more broadly.
As CISA says, the types of vulnerabilities included in its KEV are “frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”
As well as FCEB agencies, CISA “strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice.”
In other words, update to iOS 18.4.1 as soon as possible and before the deadline. Go to Settings > General > Software Update and upgrade your iPhone to iOS 18.4.1 now.
