Apple has released iOS 18.3.1 as an emergency update to fix a serious security flaw that hackers have already used in real attacks. The issue affects USB Restricted Mode, a security feature that prevents unauthorized access to your iPhone’s data through the USB-C or Lightning port. This flaw could allow attackers to disable the feature, potentially exposing sensitive information.
The vulnerability, tracked as CVE-2025-24200, was discovered by The Citizen Lab, a research group that investigates digital espionage. Apple has acknowledged that this issue was exploited in a highly sophisticated attack targeting specific individuals, such as journalists, activists, and government officials.
Security researcher Josh Long explained that USB Restricted Mode, introduced in iOS 11.4.1, ensures that any accessory connected to the iPhone’s port requires the device to be unlocked before it can transfer data. Without this security measure, tools like Grayshift’s GreyKey, which are used by law enforcement and hackers, could potentially break into locked devices.
Apple released iOS 18.3.1 shortly after iOS 18.3, which came out at the end of January. The quick rollout highlights the urgency of this update. The patch is available for iPhone XS and later, as well as several iPad models.
If you own an eligible device, it’s strongly recommended to update immediately to protect your iPhone from potential attacks. To install iOS 18.3.1, go to Settings > General > Software Update and download the latest version.
Keeping your device updated is crucial for security. Even if you think you’re not at risk, installing the update ensures your iPhone remains protected from potential threats.