Holding Out on iOS 26? Apple Just Pushed a Vital Security Patch for iOS 18
Toggle Dark Mode
Apple is issuing a software update today to protect more iPhones that are still running iOS 18 against the DarkSword hacking tool, which can allow a bad actor to take over an iPhone if the user visits a website that’s been infected with the malicious code, reports Mactrast.
While devices that are stuck on iOS 18 — the iPhone XS, iPhone XS Max, iPhone XR — already received an iOS 18.7.7 patch on March 24, Apple didn’t make that update available for newer iPhone models, expecting those users to upgrade to the latest release of iOS 26 instead.
However, with many iPhone users deliberately avoiding iOS 26 due to unpopular features like Apple’s new “liquid glass” interface — approximately 25% remain on iOS 18 as of February — an Apple spokesperson told Wired that it’s decided to expand the fix to all iOS 26-capable iPhones that are still running iOS 18.
Tomorrow we are enabling the availability of an iOS 18 update for more devices so users with auto-update enabled can automatically receive important security protections. We encourage all users with supported devices to update to iOS 26 to receive our most advanced protections.
It’s not yet clear whether Apple plans to simply make iOS 18.7.7 available for more iPhone models or release a newer iOS 18.7.8 patch, but in either case this should ensure that anyone with an iPhone 11 through iPhone 16 will be protected from DarkSword without having to make the leap to iOS 26. iPhone 17 models and the iPhone Air will naturally be excluded here, as these models shipped with iOS 26 pre-installed.
The move follows a pushback on social media where many accused Apple of exploiting the risks of DarkSword to push everyone to iOS 26. “Apple is trying to force you onto the dumpster fire that is liquid glass,” Wired cited one Reddit user as writing. Nevertheless, it’s unclear if this will convince everyone, as Wired quoted another Redditor as calling it “bullshit propaganda” and declaring their iPhone as “perfect on iOS 18.1.1.” (Spoiler alert: It’s most definitely not).
To install the iOS 18 update, ensure that your iPhone is fully charged and connected to Wi-Fi before attempting to update your device. To check that the update is available and to install it, do the following: Go to Settings > General > Software Update and ensure you select the iOS 18.7.7 or iOS 18.7.8 version that appears, rather than iOS 26. Those with automatic updates enabled will see the new software installed automatically.
Apple recently released a series of iOS patches to block the use of the toolkit for all iPhone models going back to 2015 (earlier models are unaffected, as the toolkit only targets iOS 13 or later). Apple has also released patches to protect older iPhones from a different iOS hacking tool kit called Coruna. As you might expect, Apple recommends that everyone update to the latest iOS version that their device supports.
While it is common for exploit kits like Coruna and DarkSword to circulate in hacking communities on the dark web, it’s unusual to see such kits be made available to script kiddies and other rookie hackers who want to try them out and see what happens. However, that is exactly what’s happened with DarkSword after the exploit kit was posted to open source code repository GitHub, making it accessible to everyone.
The DarkSword exploit is basically a collection of HTML and JavaScript that can be deployed and hosted on any web server. That makes it trivial for even newbie bad actors to grab the required files and have their own iOS exploit kit ready to attack unsuspecting — and unpatched — iPhones in the matter of a few minutes.
“The exploits will work out of the box,” Matthias Frielingsdorf, the co-founder of mobile security startup iVerify, told TechCrunch. “There is no iOS expertise required.”
“This is bad. They are way too easy to repurpose,” Frielingsdorf continued. “I don’t think that can be contained anymore. So we need to expect criminals and others to start deploying this.”
DarkSword has been used by various hacker groups to break into the iPhones of users in Malaysia, Saudi Arabia, Turkey, and Ukraine, according to Google.
