Apple has issued an urgent warning to iPhone and iPad users after discovering major security vulnerabilities. The tech giant has released emergency software updates, iOS 18.3.1 and iPadOS 18.3.1, to address a critical flaw that could allow hackers to take full control of affected devices. The company described the attacks as “extremely sophisticated” and “targeted.”
The security flaw impacts various Apple devices, including:
- iPhone XS and later
- iPad Pro 13-inch
- iPad Pro 12.9-inch (3rd generation and later)
- iPad Pro 11-inch (1st generation and later)
- iPad Air (3rd generation and later)
- iPad (7th generation and later)
- iPad mini (5th generation and later)
Apple’s security advisory highlights that these devices could be vulnerable unless updated immediately. Users are urged to download the latest update to prevent potential cyber threats.
According to Apple, hackers could exploit the flaw to gain full administrative control over an iPhone or iPad. This means attackers could impersonate the owner and install malicious software. Apple also warned that a “physical attack” could disable USB Restricted Mode, a security feature that prevents data transfer through the USB port when a device is locked for more than an hour.
Apple acknowledged that the flaw might have already been used in targeted cyberattacks. However, there are no confirmed reports of specific cases where the vulnerability was actively exploited.
Updating to iOS 18.3.1 and iPadOS 18.3.1 ensures that cybercriminals cannot take advantage of this security flaw. Apple’s security advisory emphasized the importance of installing the latest software update as soon as possible to safeguard personal data.
USB Restricted Mode was first introduced in iOS 11.4.1 to protect users from data extraction attempts. Hackers and even law enforcement agencies have used specialized tools to bypass security features and access locked devices.
As reported by dailymail, Apple’s security vulnerability has drawn attention to hacking tools like “GrayKey,” developed by a cybersecurity company called Grayshift. This tool is designed to unlock iPhones by guessing passcodes through a connected device. Cybersecurity experts have criticized such tools, warning they could fall into the wrong hands, making users more vulnerable to attacks.
Grayshift, founded by former Apple engineers and U.S. intelligence contractors, developed “GrayKey” to help law enforcement agencies unlock iPhones. The device works by connecting an iPhone via USB and retrieving data after a few hours or days. Privacy advocates have long warned that such hacking tools pose a serious risk to users’ security.
According to Tech Radar, Apple has a history of refusing government requests to unlock devices, citing concerns over user privacy. This has led law enforcement agencies to seek alternative methods to gain access to locked iPhones. Recent reports suggest that authorities in some countries have used digital forensic tools from companies like Cellebrite to bypass Apple’s security protections.
The vulnerability Apple is addressing with the new update could potentially allow similar unauthorized access to locked devices. By fixing this flaw, Apple aims to strengthen device security and protect user data.
How to Update Your Device
To update your iPhone or iPad:
- Open Settings
- Go to General
- Tap Software Update
- Download and install iOS 18.3.1 or iPad 18.3.1
Apple also released security updates for Macs, Apple Watches, and Vision Pro devices, although no major vulnerabilities were reported for these products.
