The iOS 18.4.1, iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, and visionOS 2.4.1 updates that Apple released today include fixes for two major vulnerabilities, which means you should install the new software as soon as you can.
According to Apple, it is aware of reports that these vulnerabilities may have been actively exploited in the wild. Apple says that the security flaws were potentially used in an "extremely sophisticated attack against specific targeted individuals."
One of the issues impacts CoreAudio, and involves a maliciously crafted audio file. Processing the audio stream in the media file could result in code execution. Apple fixed the memory corruption issue with improved bounds checking.
The other vulnerability affected pointer authentication code, and an attacker with arbitrary read and write capability could bypass the Pointer Authentication features that prevent memory from being tampered with. Apple removed the vulnerable code to prevent the exploit from working.
All of th
