The Mac Security Blog

Software & Apps

Urgent: macOS Sequoia 15.4.1, iOS 18.4.1 address 2 zero-day vulnerabilities

Posted on by

Urgent Apple security update alert

On Wednesday, April 16, Apple rolled out urgent security patches for macOS Sequoia, iOS 18, and iPadOS 18. In these updates, Apple fixed two zero-day vulnerabilities—security flaws that have been actively exploited in the wild.

We recommend prioritizing installing these updates. Here’s everything you should know about the security flaws that Apple addressed.

In this article:

What Apple patched

New OS updates: macOS Sequoia 15.4.1; iOS 18.4.1; iPadOS 18.4.1

Available for: All supported Macs capable of running macOS Sequoia; iPhone XS and later; iPad Pro 13-inch, iPad Pro 13.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

CoreAudio

Impact: Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Description: A memory corruption issue was addressed with improved bounds checking.

CVE-2025-31200: Apple and Google Threat Analysis Group

 

RPAC

Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

Description: This issue was addressed by removing the vulnerable code.

CVE-2025-31201: Apple

See the Apple security releases page for links to these details. We recommend updating sooner rather than later.

How to install Apple security updates

For macOS updates

You can get this update by going to Apple menuSystem Settings… > GeneralSoftware Update.

If you have any trouble getting the macOS update to show up, either press ⌘R at the Software Update screen, or type in the Terminal softwareupdate -l (that’s a lowercase L) and press Return/Enter, then check System Settings > General > Software Update again.

Note that Apple only fully patches the latest macOS version—currently, that’s macOS Sequoia; older macOS versions only get a subsection of those patches and remain vulnerable. Therefore, staying on the latest macOS version is critically important for maintaining your security and privacy. For more information, see our article, “When does an old Mac become unsafe to use?

If you haven’t yet upgraded to macOS Sequoia, be sure to first update your critical software. For example, run Intego’s NetUpdate utility and install all available updates, and then check for updates for all other software that you use regularly. Next, if your Mac is running macOS Ventura (13.x) or newer, check for macOS updates by going to Apple menu > System Settings… > General > Software Update. If your Mac is running macOS Mojave (10.14.x) through macOS Monterey (12.x), you’ll instead go to Apple menu > System Preferences… > Software Update. If your Mac is running macOS High Sierra (10.13.x), you’ll need to look for macOS Sequoia in the App Store and download it from there.

If your Mac is not on Apple’s compatibility list for macOS Sequoia, you should consider buying a new Mac; learn which one is ideal for you. Or, if you like living on the edge, you can upgrade your old Mac to macOS Sequoia without Apple’s support or blessing; many Macs from 2008 or later can be upgraded through the unofficial method.

 

For iOS and iPadOS updates

Users of iPhone or iPad can open the Settings app and choose General > Software Update to update iOS or iPadOS on their devices. (Apple calls this an “over the air” or OTA update.) Alternatively, you can connect your device to your Mac, click on the device name in a Finder window sidebar, and check for updates there; or, if you use a Windows PC, you can use the Apple Devices app.

 

It’s wise to back up before updating

Whenever you’re preparing to update macOS, iOS, or iPadOS, it’s a good idea to always back up your data before installing any updates. This gives you a restore point if something does not go as planned. See our related article on how to check your macOS backups to ensure they work correctly.

How to Verify Your Backups are Working Properly

See also our article on how to back up your iPhone or iPad to iCloud and to your Mac.

Should you back up your iPhone to iCloud or your Mac? Here’s how to do both

How can I learn more?

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: Follow Intego on X/Twitter Follow Intego on Facebook Follow Intego on YouTube Follow Intego on LinkedIn Follow Intego on Pinterest Follow Intego on Instagram Follow the Intego Mac Podcast on Apple Podcasts

About Joshua Long

Joshua Long (@theJoshMeister), Intego's Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple ID authentication vulnerability. Josh has conducted cybersecurity research for more than 25 years, which is often featured by major news outlets worldwide. Look for more of Josh's articles at security.thejoshmeister.com and follow him on X/Twitter, LinkedIn, and Mastodon. View all posts by Joshua Long →