Along with a handful of notable bug fixes and efficiency enhancements, right now’s iOS 18.0.1 and iPadOS 18.0.1 updates additionally embody a pair of vital safety fixes. Apple says that the updates embody a repair for microphone entry on the iPhone 16 in addition to a repair for entry to the Passwords app throughout all supported iPhone and iPad fashions.
First, Apple says that iOS 18.0.1 fixes a bug the place audio messages within the Messages app may have recorded “a couple of seconds of audio” earlier than the inexperienced microphone indicator was lively within the Dynamic Island and Management Middle. This bug solely particularly impacted the iPhone 16, iPhone 16 Plus, iPhone 16 Professional, and iPhone 16 Professional Max.
Apple additional explains:
Media Session
Obtainable for: iPhone 16 (all fashions)
Affect: Audio messages in Messages could possibly seize a couple of seconds of audio earlier than the microphone indicator is activated
Description: This problem was addressed with improved checks.
CVE-2024-44207: Michael Jimenez and an nameless researcher
Second, Apple says that iOS 18.0.1 and iPadOS 18.0.1 deal with a safety problem the place the VoiceOver characteristic may have learn a consumer’s saved passwords aloud.
Apple explains:
Passwords
Obtainable for: iPhone XS and later, iPad Professional 13-inch, iPad Professional 12.9-inch third technology and later, iPad Professional 11-inch 1st technology and later, iPad Air third technology and later, iPad seventh technology and later, and iPad mini fifth technology and later
Affect: A consumer’s saved passwords could also be learn aloud by VoiceOver
Description: A logic problem was addressed with improved validation.
CVE-2024-44204: Bistrit Dahal
iOS 18.0.1 and iPadOS 18.0.1 are rolling out now. They are often put in by going to the Settings app, selecting Basic, then selecting Software program updates. New software program updates are additionally out there for the Mac, Imaginative and prescient Professional, and Apple Watch, however Apple says these updates would not have any printed CVE entries.
FTC: We use revenue incomes auto affiliate hyperlinks. Extra.
