Apple’s iOS 18.4 and iPadOS 18.4 updates contain multiple fixes designed to keep your data secure. Here’s what you need to know, and why you should consider updating right away.
On Monday, after a series of developer betas and two separate release candidate builds, Apple finally launched iOS 18.4 to the general public. Though the update contains various Apple Intelligence improvements and an all-new Apple Vision Pro app, the software also patches multiple vulnerabilities.
As with every major iOS update, iOS 18.4 addresses core security issues related to different features and aspects of the iPhone operating system. Many of the changes introduced on Monday were implemented to prevent bad actors from accessing users’ private information.
The iOS 18.4 fixes that keep your data safe
The iOS 18.4 update introduces 15 security fixes that protect sensitive user data. Apple addressed vulnerabilities across many areas of the iPhone operating system, meaning that attackers will have a much more difficult time accessing users’ private information.
Many of the fixes in iOS 18.4 are designed to keep user data secure.
Specifically, iOS 18.4 resolved issues with the software’s Accessibility, CoreServices, Focus, Foundation, Apple Maps, and Handoff features, along with multiple security vulnerabilities that affected the virtual assistant Siri. In each case, the vulnerability would’ve given an app access to sensitive user data, though thankfully none of the issues were actively exploited.
Logging issues with the iOS Accessibility, Focus, and Foundation features were resolved through improved data redaction, while Maps received a logic improvement that addressed a path-finding issue. The now-resolved Maps vulnerability would have allowed an application to access sensitive location information, which makes the fix quite significant.
Apple resolved three relatively similar data security issues related to Siri, though they were all addressed in different ways. According to the company’s website, a Siri privacy issue was resolved by not logging the contents of text fields, while other issues were patched with improved data redaction and restrictions to data container access.
CoreMedia Playback had a path handling issue that Apple patched through improved validation. The now-resolved issue would have allowed a malicious application to access private information.
Though many of the iOS 18.4 security fixes prevent apps from gaining unauthorized access to sensitive information, Apple also included a change that affects iOS backups. Through improvements to data access restrictions, the iPhone maker patched an issue that made sensitive keychain data accessible from an iOS backup.
Some iOS 18.4 fixes protect your photos
With the iOS 18.4 update, Apple introduced security fixes that keep users’ photos safe from attackers. Through improved state management, the company addressed an issue that enabled access to the Hidden Photos Album without prior authentification.
Some of the fixes in iOS 18.4 prevent attackers from accesing your photos.
This means that attackers would have been able to bypass the requirement for Face ID or Touch ID authentification, directly accessing images in iOS 18.3.2 and earlier. Thankfully, though, there are no indications that this issue was actively exploited.
Another now-patched Photos vulnerability allowed users with physical device access to view photos from the iOS Lock Screen. This issue was similarly resolved through state management improvements.
Before the iOS 18.4 update, attackers with a USB-C connection to an unlocked iOS device were able to “programmatically” access photos. Apple patched a MobileLockdown issue with authentication improvements.
iOS 18.4 improves security when the device is locked
Apple also prevented attackers with physical access from using Siri and Focus to retrieve sensitive personal information. This was done by limiting the number of Siri options allowed on a locked iOS device and by implementing improved checks for the Focus feature.
iOS 18.4 fixes Lock Screen security issues.
A now-patched Kernel vulnerability made it possible for malicious apps to attempt passcode entry on a locked device, which escalated time delays after four failures. The logic issue was addressed via improved state management.
Before the iOS 18.4 update, malicious apps were able to dismiss lock screen recording notifications, potentially making the user unaware that a recording had begun. Apple was able to fix the Share Sheet issue through improved access restrictions.
Passwords are now more secure on iOS 18.4, as a noteworthy Authentication Services issue was resolved. The password autofill feature was able to input passwords despite failed authentication — something that Apple patched through improved state management.
iOS 18.4 security patches prevent denial-of-service attacks
The iOS 18.4 update contains a noteworthy fix that prevents remote users from launching denial-of-service attacks. According to Apple’s website, Monday’s software update addressed a validation issue with improved logic.
The iOS 18.4 update contains a fix that prevents denial-of-service attacks.
Another major security fix stops applications from gaining root privileges. The iOS 18.4 update dealt with a DiskAttribution vulnerability through improved path validation, which resolved a parsing issue in the handling of directory paths.
ibxpc had a symlink issue that allowed apps to delete files for which they didn’t have the appropriate permissions. It was dealt with through improved symlink handling and is now patched in iOS 18.4. The Shortcuts app received a similar fix that prevents it from accessing normally inaccessible files.
A now-patched RepairKit vulnerability allowed apps to bypass the iOS Privacy Preferences. Additional entitlement checks were implemented with iOS 18.4, thereby resolving the RepairKit security issue.
Apple also addressed a variety of other security issues that allowed for unexpected process terminations or corrupted process memory. Though many such fixes were introduced, the iOS 18.4 update also contains a variety of Safari and WebKit fixes.
Safari and Web browsing fixes in iOS 18.4
With iOS 18.4, Apple introduced four fixes for the Safari web browser and addressed six different WebKit vulnerabilities.
iOS 18.4 fixes multiple Safari and WebKit vulnerabilities.
Two of the Safari fixes prevent user interface and address bar spoofing. The remaining two Safari patches prevent websites from accessing user information without their consent and improve the source association of downloaded files, respectively.
The iOS 18.4 update introduced two security fixes related to Web Extensions. Specifically, Apple’s latest software update prevents applications from gaining access to the user’s local network, and makes it so that visiting a website no longer leaks user data.
Three now-patched WebKit issues used maliciously crafted website content to trigger a Safari or process crash, and all three were addressed with improved memory handling in iOS 18.4.
Another WebKit security fix prevents websites from tracking Safari users in private browsing mode, while a separate patch prevents malicious iframes from leading to a cross-site scripting attack.
Other security fixes in the iOS 18.4 update
Overall, the iOS 18.4 update contains more than 20 different security fixes and patches a wide variety of vulnerabilities. The full list of security updates and fixes for iOS 18.4 can be seen on Apple’s website.
Alongside the patched vulnerabilities already mentioned here, Apple resolved issues with AirDrop, the Journal app, and various operating system components, such as CoreAudio, CoreMedia, libnetcore, and more.
It’s important to always keep your operating system up-to-date. Apple’s latest security fixes ensure that bad actors have a much more difficult time obtaining your private user data and photos, with the iOS 18.4 update being no exception.
