Apple has now released iOS 18.3.1, an important emergency update aimed at fixing a serious security vulnerability that is already being used in real-world attacks. Even Apple Intelligence encountered a bug that was quite unexpected.
iPhone users are highly recommended to update their devices as soon as possible to protect them from future cyber attacks.
iOS 18.3.1 Fixes a Serious Security Flaw
Apple Urges Immediate iOS 18.3.1 Update to Fix Critical Security
Thai Nguyen/Unsplash
In a report by Forbes, Apple recently released a fix that removes a crucial weakness in the Accessibility feature, where attackers can remotely turn off USB Restricted Mode on an unlocked phone.
The vulnerability identified “CVE-2025-24200 was originally spotted by security expert Bill Marczak from The Citizen Lab at the University of Toronto’s Munk School.
Exploiting the weakness is also highly troubling, as it allows physical attack access attackers to undermine the fundamental security mechanisms implemented for the security of user information.
Read more:
Apple Humanoid Bots? Analyst Reveals New Plans Including Pixar-Style Lamp in Early Research
How the Exploit Operates
USB Restricted Mode, added in iOS 11.4.1, is a critical security measure that blocks unauthorized USB accessories from attaching to a locked device. The action was designed to block hacking devices such as Grayshift’s GrayKey, which law enforcement and forensic investigators commonly use to unlock iPhones.
The newly discovered vulnerability, however, allows sophisticated attackers to bypass this feature, exposing devices to possible intrusion.
Who is It a Threat To?
Apple’s security advisory states that the attack is closely targeted, potentially directed against celebrities like journalists, dissidents, business leaders, and politicians.
Although physical access to an iPhone is necessary to exploit the issue, since the vulnerability is currently being employed in advanced attacks, it is still a problem to worry about for everyone.
Apple Intelligence Bug
In addition to the security update, iOS 18.3.1 has also brought a surprise problem: Apple Intelligence is automatically enabled by default following the update, even for those who previously disabled it.
This has left privacy-focused users concerned, as Apple’s AI capabilities gather and process significant amounts of user data. While the iPhone maker is firm in its commitment to privacy, users are encouraged to double-check their settings after the update:
Other Updates Released With iOS 18.3.1
Besides iOS 18.3.1, Apple has also released updates for other devices:
- macOS Sequoia 15.3.1
- macOS Sonoma 14.7.4
- macOS Ventura 13.7.4
- watchOS 11.3.1
- visionOS 2.3.1
Interestingly, Apple has not revealed particular vulnerabilities fixed in these updates, only that they include “important security fixes.”
Security researcher Josh Long has speculated that Apple might have either fixed minor security issues without giving them CVE numbers or simply reused generic update release notes.
Why You Should Update Now?
With Apple already verifying that this vulnerability has been exploited, all iPhone users must upgrade to iOS 18.3.1 as soon as possible.
Jamf security expert Adam Boynton advises that the attackers using this vulnerability could obtain complete administrative privileges on a device, which might involve impersonating the owner and performing unauthorized operations.
Note, however, that this vulnerability cannot be exploited remotely but only if attackers are physically present on the device. Nonetheless, for the risks involved, Apple highly advises an update to secure the devices from possible threats.
How to Update Your iPhone to iOS 18.3.1
To update the new security patch and secure your phone, follow these steps:
Related Article:
Apple iOS 18 Messages App Does the Math: Solve Equations and Convert Units Instantly, But How?