Apple has recently announced the importance of updating to iOS 18.4, emphasizing that the update addresses several critical security vulnerabilities. One of the most significant vulnerabilities, identified as CVE-2025-24200, affects the USB Restricted Mode—a security feature the company introduced in 2018. This vulnerability could allow an attacker with physical access to a locked device to disable USB Restricted Mode, potentially compromising user data.
In February, Apple had already released a patch for this vulnerability in iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5, cautioning that it had been exploited in highly sophisticated attacks targeting specific individuals. The fix is now also accessible for earlier versions, including iOS 16.7.11 and 15.8.4, as well as iPadOS 16.7.11 and 15.8.4.
Another vulnerability, CVE-2025-24201, allowed malicious web content to perform operations outside of the Safari WebKit browser sandbox. This issue has also been addressed in iOS 16.7.11 and 15.8.4, along with their respective iPadOS versions.
In addition to iOS updates, macOS Ventura recently patched a privilege escalation vulnerability in CoreMedia with the 13.7.5 update. MacOS Sonoma 14.7.5 addressed over 90 vulnerabilities, while the macOS Sequoia 15.4 update resolved more than 120 bugs affecting AirDrop, the App Store, the Dock, and other kernel components.
Overall, the iOS and iPadOS 18.4 update fixed 60 vulnerabilities, none of which had been exploited by hackers. The visionOS 2.4 update provided 35 fixes, and Safari 18.4 addressed 14 security vulnerabilities, including seven related to WebKit, with none having been exploited. Lastly, tvOS 18.4 resolved over 40 security vulnerabilities, reinforcing the importance of keeping systems updated for enhanced security.