Apple Rolls Out iOS 18.4 With A Critical Security Warning To Millions Of iPhone Users

Following the rollout of iOS 18.3 in January, Apple released iOS and iPadOS 18.4 updates, which contain 62 security fixes, including a fix for a critical flaw in iPhones, iPods, and iPads. Apple highly recommends users update their devices ASAP to be protected against these vulnerabilities.

Among the updates, Apple fixed critical security vulnerability CVE-2025-30432. This flaw makes it possible for threat actors to unlock an iPhone using malicious apps. The issue primarily exposes the most important part of iOS, the kernal, which is the link between the software and the hardware. Cyber risk investigator Michael (Biscuit) Thomas was credited for discovering and reporting this vulnerability.


Another notable vulnerability fixed with the v18.4 updates is an accessibility flaw that allows malicious actors to gain unauthorized access to steal sensitive information from users. The flaw is registered as CVE-2025-24202. ByteDance's Zhongcheng Li was credited for reporting this flaw.

Also fixed is CVE-2025-2422, which allows malicious actors to take advantage of iPhone backups. This vulnerability enables malicious actors to steal sensitive keychain data from a copy of an iPhone backup. Apple explained that it did not simply fix this flaw, it also added an extra layer of security to prevent similar occurrences in the future.

Hossein Lotfi and other anonymous researchers of the software vulnerability initiative, Trend Micro Zero Day, were credited for a notable number of discoveries. These include two audio flaws - CVE-2025-24243 and CVE-2025-24244, and other vulnerabilities impacting the ImageIO, CoreText, CoreAudio, and CoreMedia.

Considering the risk associated with these flaws, all iPhone, iPad, and iPod users are encouraged to update to iOS 18.4 and iPadOS 18.4 to be patched against the aforementioned vulnerabilities and many others. If you don't know how to update your device, you may check our guide here.