Apple has released updates to its platforms, namely iOS 18.4.1, iPadOS 18.4.1, macOS 15.4.1, tvOS 18.4.1 and visionOS 2.4.1. These updates are for different Apple devices, but they essentially serve the same purpose as they contain crucial security patches that fix flaws that could have been used in real-world attacks.
The first patch is for a bug affecting CoreAudio, which as the name indicates, is Apple’s API for processing audio. The vulnerability allows malicious users to create harmful media files that can be used to execute code when processed as audio streams. This means that attackers can run their code on a user’s device when the media file is played. The underlying problem was a memory corruption issue, which has been addressed with improved bounds checking.
The other vulnerability affects Pointer Authentication, which is a security feature in Apple’s processors. According to Apple, this issue allowed an attacker with arbitrary read and write capability to bypass this security feature. The vulnerable code causing the problem has been removed in the security patch.
Apple noted that both security issues “may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS”. Users have been strongly advised to update their devices to ensure they can no longer be exploited by bad actors.
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.
