iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4 Address 50+ Vulnerabilities

[MacRumors]

The iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4 updates that Apple released today include a long list of fixes for security vulnerabilities, though none of the issues addressed were known to have been actively exploited.

iOS 18.4 and iPadOS 18.4 fix 60 vulnerabilities, including an issue that could allow sensitive keychain data to be accessible from an iOS backup, a problem where password autofill filled a password even after a failed authentication, and a bug that could allow hidden photos to be viewed without authentication.

Apple has a full list of iOS 18.4 and iPadOS 18.4 fixes in its security support document. There's a separate security support document for macOS Sequoia 15.4, and the macOS Sequoia 15.4 update addresses over 120 vulnerabilities with everything from AirDrop and the App Store to the Dock and Kernel.

Because iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4 fix so many vulnerabilities, it is a good idea to update as soon as possible even if there were no known instances of these security holes being used in the wild.

Article Link: iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4 Address 50+ Vulnerabilities

 

[Astuces iOS]

not the case with iOS 15.8.4

 

[AusMness]

Good. Everyone update asap.

 

[N0ughtsAndCr0sses]

Wow, so many flaws. You would think they were features at this point 🤣🤣

 

[Plutonius]

Sounds good but what other flaws / vulnerabilities will Apple introduce with this update ?

 

[citysnaps]

Hat-tip to Apple for the updates.

 

[OldWoodchuck]

Kick in the butt to Apple for still not fixing Proofread in Pages even though they have been (incorrectly) advertising it for months!

 

[Musocat]

Update servers are pretty busy! A bit of a delay before download started.

 

[Biro]

Frankly, I think Apple uses this line to get as many people to update as soon as possible.

 

[Siliconguy]

Wow, so many flaws. You would think they were features at this point 🤣🤣

When the programmers are frantically implementing AI there is less time for bug hunting and security. Hopefully since they have admitted to delays in some AI functions they sent the programmers back to security detail.

 

[JosephAW]

not the case with iOS 15.8.4

How about iOS 16?

 

[jz0309]

THAT is the reason to update, for me.

 

[JosephAW]

How many of these 50+vulnerabilities are still there for iOS 17, 16, 15?

 

[WarmWinterHat]

Frankly, I think Apple uses this line to get as many people to update as soon as possible.

Most people just auto-update, and never read about the features. I think such a headline wouldn't even get in front of people's eyes.

I normally auto-update, too, but will do this one tonight manually since it has so many fixes.

 

[coolfactor]

The "Doc" and "Kernel"? What are they doing in my devices?

 

[coolfactor]

Most people just auto-update, and never read about the features. I think such a headline wouldn't even get in front of people's eyes.

I normally auto-update, too, but will do this one tonight manually since it has so many fixes.

I've updated an M1 MacBook Air, iPhone 13 Pro, and a 4th gen Apple TV. All working fine and dandy afterwards. No concerns here. Business as usual...

 

[Sippincider]

Sounds good but what other flaws / vulnerabilities will Apple introduce with this update ?

Mac Wi-Fi turned itself back on again. (Apple is it really that hard to leave this setting alone?)

 

[Ad47uk]

Frankly, I think Apple uses this line to get as many people to update as soon as possible.

Yeah, got to get people to use their AI stuff.

 

[Tomas1988]

Well, that's all it's fixed - is this a practically perfect version of it? 🫤😀 iOS whats next ?

 

[I7guy]

When the programmers are frantically implementing AI there is less time for bug hunting and security. Hopefully since they have admitted to delays in some AI functions they sent the programmers back to security detail.

Is that a fact? I thought Apple couldn’t implement emoji and fix bugs at the same time. /s

 

[Sippincider]

How many of these 50+vulnerabilities are still there for iOS 17, 16, 15?

Have an older backup iPad here and surprisingly got a 17.7.6 update.

 

[TriBruin]

I've updated an M1 MacBook Air, iPhone 13 Pro, and a 4th gen Apple TV. All working fine and dandy afterwards. No concerns here. Business as usual...

So what software did you use to do your regression testing?

Did you run a full suite of application testing?

When people say "I updated without issue" less than 3 hours after the release time, all they are saying is "I didn't see any immediate issues." A lot of times issues may not become apparent until they start running the computer for a longer period of time.

That is why I implement a ringed rollout in my organization. I will run a new version on about 1% of my computers for 2-3 days. After that, our pilot testers (about 3-5%) will start upgrading, and all users will be able to upgrade in a week. That gives us time to identify any potential business disruptions and remediate or block the upgrade if necessary.

Granted that has only happened a handful of times, but it has happened.

 

[B4U]

What happened with the Rapid Security Response feature? 🤔

 

[Jerry Fritschle]

When the programmers are frantically implementing AI there is less time for bug hunting and security. Hopefully since they have admitted to delays in some AI functions they sent the programmers back to security detail.

I'm sure that many of these security fixes are general unix/Linux issues that have come from upstream of macOS. I see many of these when I update my Linux VMs. Indeed, sometimes they tip me off that a macOS dot dot release is probably around the corner.

 

[TigerNike23]

Have an older backup iPad here and surprisingly got a 17.7.6 update.

Check out the Apple CVE page.

iOS 15, 16, 17, and 18 all got updates. That means if you still have an iPad Air 2 from 2014, it just got an update.