iOS 18.0.1 Includes These Two Important Security Fixes
Credit: ink drop / Adobe Stock
Toggle Dark Mode
Although yesterday’s bug fixes releases of iOS 18.0.1 et al didn’t appear to fix any security vulnerabilities at first glance, it turns out there were a couple of potentially serious ones that have been addressed in this latest sub-point release.
When iOS 18.0.1, iPadOS 18.0.1, macOS 15.0.1, and watchOS 11.0.1 were released to the public, Apple had yet to update its security fixes page. However, it’s since done so, and while its other software updates are still in the clear, iOS 18.0.1 and iPadOS 18.0.1 address two issues with audio recording and the new Passwords app.
These should encourage you to install iOS/iPadOS 18.0.1 as soon as possible, even if you haven’t experienced any of the bugs that are fixed by these releases. Although updating is still a recommended preventative measure to avoid everyday stability problems, closing security holes is even more important — especially where your privacy is concerned.
The good news is that neither of these vulnerabilities has been exploited by hackers, and they don’t seem like things that would be open to external attacks. Instead, they’re the sort of things that could result in you inadvertently compromising your own security.
The first is a “Media Session” problem specific to the iPhone 16 family. In iOS 18.0 and iPadOS 18.0, it’s possible that an audio message you send to someone via iMessage could include a bit more than you intended to send:
Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated
Since most folks don’t expect recording to begin prematurely, it’s easy to imagine situations where this could be embarrassing at best and downright incriminating in more extreme cases. Credit for finding this one goes to Michael Jimenez and “an anonymous researcher.”
The second issue affects Apple’s new Passwords app on all devices running iOS/iPadOS 18.0, all the way back to the iPhone XS and fifth-generation iPad mini. According to Apple’s security update notes, folks using the VoiceOver Accessibility feature could find their passwords being inadvertently read aloud for anyone nearby to hear. This flaw was found by Bistrit Dahal.
It’s unclear if these issues have been addressed yet for those running the iOS 18.1 developer and public betas, although I’ve been unable to reproduce either on iOS 18.1 beta 5 on my iPhone 16 Pro Max.
In addition to these security fixes, iOS 18.0.1 and iPadOS 18.0.1 resolve issues causing the touchscreen to freeze up on the iPhone 16 and iPhone 16 Pro, along with a memory allocation issue that could impact performance on some iPhone and iPad models. The iPadOS 18.0.1 update has also once again been cleared for launch on the M4 iPad Pro after the original iPadOS 18.0 update was pulled for bricking some tablets.
The latest round of updates also fixes a problem where Messages crashed when replying to a message containing a shared Apple Watch face. This manifested on all platforms and is addressed for the Apple Watch and Mac in watchOS 11.0.1 and macOS 15.0.1, even though these updates don’t contain any security fixes. The Apple Watch update also resolved a battery drain issue and unresponsive touchscreens on the latest models.
You can check for and install the latest updates by visiting the Software Updates section in your iOS, iPadOS, macOS, or Apple Watch Settings apps.
