Apple’s iOS 18.1 iPhone and macOS 15.1 updates include dozens of security patches

It’s been a pretty rough week for Apple, and it’s only Tuesday. Company announced a new iMac with an M4 chip; the new Mac mini debuted with the M4 and M4 Pro; and with new operating system updates, launched Apple Intelligence on compatible Macs, iPhones, and iPads. But iOS 18.1 and macOS 15.1 were not only about Apple Intelligence: In addition to other non-AI featuresthese updates also include fixes for dozens of security vulnerabilities across devices: 27 of them on iPhone and iPad and 50 of them on Mac.

Apple doesn’t include security information in its general release notes for software updates, so these fixes tend to be overlooked. however, the company posts security notices online shortly after completing user updates. We can now see what’s included in iOS 18.1 and iPadOS 18.1, as well as macOS 15.1. While there are quite a few security patches included in these updates (notably macOS 15.1), the good news is that none of these vulnerabilities are zero-days (security gaps are discovered before a patch is ready) and none of them have active exploits in the wild This means that users are not currently at much risk if they run updates that predate iOS 18.1 and macOS 15.1.

However, you should update as soon as possible—now that these vulnerabilities are known, it’s only a matter of time before attackers figure out how to exploit them.

What flaws did Apple fix?

I was struck by a number of vulnerabilities in macOS. Apps can potentially access your contact information, read sensitive location information through Find My, and leak sensitive kernel state information, for example. If you download a malicious image, it can lead to a denial of service attack, which overloads your Mac to make it inaccessible to you. If an attacker had physical access to your Mac, they could bypass the login window during a software update. Safari’s Private Browsing mode can also leak browsing history.

On iOS and iPadOS, an attacker with physical access to your device could view sensitive information even when it was locked. This includes photos of contacts they may have accessed due to Siri’s flaw. Malware can run arbitrary shortcuts without your consent or leak sensitive kernel state. And like macOS, Private Browsing in Safari can leak your browsing history.

For a complete list of fixes, see Apple’s release notes for iOS 18.1 and iPadOS 18.1or macOS 15.1.

These fixes aren’t just for the latest Apple software updates. In addition, Apple released a security update for iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1and macOS Ventura 13.7.1. These updates are for users who don’t want to update their devices to the latest Apple OS, and for users of older devices who can’t update. The updates include many of the same security fixes as the latest OS releases, so even if you’re using an older version of iOS, iPadOS, and macOS, you’ll be protected.

It’s not all about iPhones, iPads and Macs either, as Apple has released updates for them watchOS 11.1, tvOS 18.1and visionOS 2.1. If you have any of these devices, update them as well.

Install updates to protect your iPhone, iPad, or Mac from these security vulnerabilities

Again, Apple isn’t aware of any of these flaws being actively exploited at this point, but it’s still a good idea to fix them before a bad actor learns how to exploit them.

To update, open Settings (iPhone or iPad) or System Preferences (Mac), then go to General > Software Update. Allow this page to load, then follow the on-screen instructions to download and install the update.