Apple's Latest Security Patch Fixes Two Actively Exploited Zero-Day Vulnerabilities

On Wednesday, Apple released new software updates for iPhone, iPad, Mac, Apple TV, and Vision Pro. While it might seem like these updates are quite small, each contains two very important patches for serious security vulnerabilities on your devices.

Apple's latest security patches

Apple releases five updates across these device categories: That's iOS 18.4.1 for iPhones, iPadOS 18.4.1 for iPads, macOS Sequoia 15.4.1 for Macs, tvOS 18.4.1 for Apple TVs, and visionOS 2.4.1 for Vision Pros. Despite the fact that these are all different updates for different devices, the security updates are exactly the same on each.

All updates patch two security vulnerabilities across devices. The first, tracked as CVE-2025-31200, is a flaw affecting CoreAudio—Apple's API for handling audio. Actors who know about the vulnerability can create a malicious media file for Apple devices to play. When the device processes the audio stream, it allows for code execution, which means attackers can run their code on your machine.

The second vulnerability is tracked as CVE-2025-31201, and affects RPAC. PACs, or Pointer Authentication Codes, are a security feature that can help prevent bad actors from exploiting memory corruption flaws. A bad actor aware of the flaw can bypass Pointer Authentication. Apple addressed the flaw by removing the compromised code across its different OSes.

The reason both of these flaws are particularly serious is that they are actively exploited. Ideally, companies like Apple identify flaws before anyone else does, and issue patches before those flaws are disclosed. Sometimes, however, bad actors discover flaws like the ones above before companies have a chance to patch them, and exploit them in targeted attacks. In these two cases, Apple says bad actors exploited these flaws "in an extremely sophisticated attack against specific targeted individuals on iOS," which is the same language the company used for flaws it patched with iOS 18.3.2.

In addition to the security patches, iOS 18.4.1 also patches a "rare" bug that might prevent wireless CarPlay connections in certain cars.

This security update follows the security patches Apple included with software updates like iOS 18.4 and macOS Sequoia. Apple's iOS and iPadOS updates patched 60 security vulnerabilities, while its Mac update patched more than 120. Luckily, none of those were known to be actively exploited at the time.

Security patches vs. software updates

Some platforms separate security patches and software updates as two distinct processes. Not Apple. Usually, the company couples security patches and software updates together, which creates some interesting situations. You can have a feature-filled software update that is also full of security patches, a feature-filled software update with few (or no) security patches, or a software update with few (or no) features, and any number of security patches.

This latest patch is that last category: Every now and then, Apple will discover critical security vulnerabilities on its platforms, and it's imperative to push them out to users as quick as possible—especially if that flaw has already been used by bad actors.

These are the times when you see software updates on your iPhone or Mac that look like a weirdly long string of numbers—iOS 18.4.1, for example. iOS 18 is the big update, with all the keynote features; 0.4 is the minor update, that comes with some new features; and while it's possible a 0.0.1 update could come with new features, it usually denotes security patches and bug fixes.

There is an exception to this rule: Apple's Rapid Security Responses. These are strictly security patches—not feature updates—and are deployed when it's absolutely critical to patch a security flaw on customers' devices. You'll know when one of these hits your device, since it not only says "Security Response," but also includes an (a) to denote this isn't a standard update.

This isn't a Security Response, though: This is an update, that just so happens to be a security patch. I know—not confusing at all.

How to install a security patch on your Apple device

Again, these security patches are really just software updates. As such, you can install these patches just as you would any other Apple update. On most Apple devices, you can head to Settings (System Settings for macOS) > General > Software Update, then follow the on-screen instructions to download and install the latest update.