Apple has published iOS 18.4.1 and iPados 18.4.1, which corrects two security defects that have an impact on the return pointer (RPAC) and Coreauadio. This update corrects certain zero-day vulnerabilities which are already actively exploited in the wild.
Registered on the CVE program as CVE-2025-31200, a vulnerability allows attackers to take control of a victim’s iPhone memory. To do this, threat actors deploy a malicious audio file, which allows them to execute malicious code. This vulnerability was detected and reported by Apple and the Google threat analysis group.
CVE-2025-31201 allows attackers to bypass the authentication of the pointer during the exploited. Since pointer authentication is designed to protect memory addresses on iPhones, bypassing this safety feature will expose your iPhone memory, allowing hackers to handle vital files.
Although Apple reported that both The aforementioned vulnerabilities are likely to have been exploited, they have not been widely exploited. Apple explained that it was only exploited in “extremely sophisticated” cyber attacks, which are generally carefully planned for specifically targeted individuals.
Although your device has not been targeted in these sophisticated cyber attacks, it is better to be safe than sorry. If you use an iPhone, iPad or iPod, you must update your devices as soon as possible (we have a guide for this) and protect yourself from potential attacks.
