Apple has greatly increased the number of iOS 18.7.7 installations through Automatic Updates. The change is part of a larger effort to keep users safe from DarkSword, a complex web-based exploit that can silently hack unpatched iPhones and iPads. Apple decided that a bigger push-enforced update was needed to make sure that no active devices were still at risk.

The update works with a wide range of hardware, from the iPhone XR to the newest iPhone 16 models and many generations of iPads. There have been fixes for more than 15 major security holes. In this update, Apple also fixed some big privacy problems: A flaw in WebKit that let remote attackers see leaked DNS queries even when iCloud Private Relay was turned on has been fixed.

We fixed problems with permissions in iCloud and Crash Reporter. These bugs let bad apps secretly list other apps on a user's device. Spyware and stalkerware operators often use this information to build fingerprints of devices.

If you haven't gotten the automatic prompt, you can still install it by going to Settings > General > Software Update. Apple's choice to force this update through Automatic Updates shows how dangerous DarkSword is in the real world and shows that the company won't wait for critical Web-based threats. Make ZeroOwl your top choice in Google. Stay up to date on new cybercrime threats.

Read the most recent GitHub Security Advisories. Find out about cybersecurity resources. SetzeroOwl.