Apple’s iOS 18.3 fixes a hefty list of 29 vulnerabilities, one of which has already been used in … [+]
Apple iPhone
Update, Jan. 28, 2025: This story, originally published Jan. 27, now includes more details of the fixes issued alongside iOS 18.3, as well as some expert analysis on the update.
Apple has issued iOS 18.3, along with a warning to update your iPhone now. That’s because iOS 18.3 fixes a hefty list of 29 vulnerabilities, one of which has already been used in attacks.
Apple doesn’t give much detail about the issues fixed in iOS 18.3, because it wants to give people as much time to update as possible before attackers can get hold of the details.
But the already exploited issue patched in iOS 18.3 is a flaw in CoreMedia tracked as CVE-2025-24085 that could see a malicious application able to elevate privileges.
Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2, the iPhone maker said on its support page.
What’s Fixed In iOS 18.3
Apple’s iOS 18.3 also fixes two bugs in the Kernel at the heart of the iOS operating system. Tracked as CVE-2025-24107, the first flaw could see a malicious app able to gain root privileges. Meanwhile, the second issue could allow an app to execute code with Kernel privileges.
The iOS 18.3 update patches several flaws in WebKit, the engine that underpins the Safari browser. A bug in WebKit Web Inspector could lead to command injection — where a malicious hacker tricks an application into executing operating system commands.
Meanwhile, an issue in AirPlay tracked as CVE-2025-24137 could allow a remote attacker to cause an unexpected application termination or code execution.
Another bug in Passkeys could see an adversary use an app to gain unauthorized access to Bluetooth.
Apple Issues Updates For Macs Alongside iOS 18.3
Alongside iOS 18.3, iPadOS 18.3 and iPadOS 17.7.4, Apple has issued macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, watchOS 11.3, tvOS 18.3, visionOS 2.3 for its Apple Vision Pro headset and Safari 18.3, fixing many of the same issues — including the already-exploited flaw.
Why You Should Update To iOS 18.3 Now
Apple released iOS 18.3 alongside iPadOS 17.7.4, but there is no iOS 17.7.4 update yet. This could be because iOS 17 is not affected, or because Apple is no longer offering the update to newer devices, or the details aren’t available yet.
But at least for now, the lack of available iOS 17 updates means you will be more secure if you update to iOS 18.
The bug fixes in the iOS 18.3 release span “a wide number of critical services,” including Accessibility, AirPlay, CoreMedia, Kernel, Passkeys, Safari and Webkit, says Michael Covington, VP of strategy at security outfit Jamf.
A close reading of the release notes provides some insight into the threat vectors that could potentially compromise iOS, he says. “In this particular release, we saw patches that prevent locked apps from being bypassed, that block attackers on local networks from corrupting memory, that prevent multiple flavors of denial-of-service attacks — and other fixes that are designed to provide a more secure web browsing experience.”
Covington advises users and organizations that rely on iPhones “to install security updates as quickly as possible.”
And iOS 18.3 “is no exception,” he says. “Staying up to date with the latest patches is one of the most effective ways to safeguard devices against attackers and ensure you stay protected.”
When you do upgrade to iOS 18.3, note that Apple has automatically enabled AI for iPhone 15s and above, so check your settings and disable if you want.
Apple’s iOS 18.3 is available for the iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later and iPad mini 5th generation and later.
In my mind, upgrading to iOS 18.3 is a no-brainer. The update fixes an issue that’s been exploited in real-life attacks, making it important that you update as soon as possible to keep your iPhone safe.
So, what are you waiting for? Go to your iPhone Settings > Software Update and download and install iOS 18.3 now.
