Apple’s x.4.1 OS Updates Patch Exploited Security Vulnerabilities

Originally published at: https://tidbits.com/2025/04/17/apples-x-4-1-os-updates-patch-exploited-security-vulnerabilities/

Apple has released targeted updates to five of its current operating systems, primarily to address a pair of security vulnerabilities that have been exploited in the wild. The company also says that iOS 18.4.1 “addresses a rare issue that prevents wireless CarPlay connection in certain vehicles.” Additionally, the enterprise release notes for macOS 15.4.1 promise improved reliability when installing macOS updates, and TidBITS Talk readers note that it fixes a bug in macOS 15.4 that prevented selecting a custom wallpaper color.

For the remaining updates—iPadOS 18.4.1, tvOS 18.4.1, and visionOS 2.4.1—Apple identifies no specific changes beyond fixes for these security vulnerabilities:

  • A bug in CoreAudio (CVE-2025-31200) allowed processing an audio stream in a maliciously crafted media file to result in code execution.
  • A vulnerability in the Return Pointer Authentication Code (CVE-2025-31201) enabled an attacker with arbitrary read and write capabilities to bypass Pointer Authentication.

The security release notes for each update use one of the company’s standard phrases: “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.” Although there is no concrete information, the combination of that phrase and Apple’s credit to Google’s Threat Analysis Group, known for investigating state-sponsored cyber activities, suggests that the vulnerability has been exploited through spyware employed by state-level intelligence agencies.

It’s unlikely that attacks exploiting these vulnerabilities will quickly become widespread, but I still encourage updating soon, in case those with access to spyware expand their targeting before the updates are broadly installed.

Settings tells me there is a 15.4.1 update.

Macintouch says:

macOS 15.4.1, iOS 18.4.1 critical patches, bug fixes

Apple just released critical software updates with security patches for vulnerabilities being actively exploited in “sophisticated” attacks.

macOS 15.4.1 was ~10 for download / install / reboot. Nothing broken so far…

This seems to be fixed in 15.4.1.

[edit] This is not the case with 15.4.1. This is not the case for me going from 15.4 to 15.4.1. Also, Apple Intelligence did not turn on with this update, though it also did not turn on with 15.4 for me, either, on my M1 Pro Mac mini.

This was also my experience.

On Saturday, I spent several hours trying to update an M1 MacBook Air from Mac OS Sonoma 14.7.5 to Sequoia 15.4. Each attempt resulted in a kernel panic and an unsuccessful update, including attempts made from Safe Mode and from a bootable installer. Upgrading to 15.4.1 yesterday was successful from normal mode.

After Sequoia 15.4.1 was installed, the “Install macOS updates” setting was indeed turned on for this machine, where it had not been before.

This 15.4.1 update HOSED My desktop files → all gone ← and I didn’t notice 'til this am because I ran the update yesterday but had to leave to do some stuff… I’m restoring them now but I’m just warning folks. I’m an old “bleeding edge” kind of OS guy - but this wasn’t a developer patch - this was official - I’m filing a complaint with Apple…

-ben

Actually, I just discovered it turned on Desktop and Documents in iCloud and didn’t share them on the desktop and documents folder…I did not have these things on. Weird… why would it do that?

Thank you for the heads-up. I just checked and my update to macOS 15.4.1 did not change the Desktop and Documents setting in iCloud+, which was “off” previously.

Another mystery!

I suspect that the automatic upgrade to tvOS 18.4.1 bricked my Apple TV 4K today.
It’s been working fine (we use it pretty much every day), and we were watching some YT video (barred owls) on it this morning. We went out on some errands after lunch, leaving the ATV displaying the home screen. Upon our return, our Sony TV had gone dark, with a ‘no video input’ message on screen. The ATV was no longer outputting any video. The remote wouldn’t wake it up. The only user intervention possible with this model of ATV is to power cycle it. That did not bring it back to life. Instead, it seems stuck in a boot loop. The white LED flashes for a while, then stops, then flashes again. The Apple logo appears, then disappears. In sync with this cycle, the link activity indicator on the adjacent ethernet switch lights up (indicating the NIC in the ATV is going active) and flashes a bit, then goes dark.

I tried power cycling it a couple of times. On one occasion, an iOS recovery screen I’ve never seen before appeared. It announced that something was wrong with the firmware, would I like to reinstall a fresh copy? I thought I was getting somewhere, so clicked on Restore. A progress bar appeared, suggesting it was downloading/installing something. The progress bar took about 10 minutes to complete. Once it finished, the ATV was still non-functional and went back into the boot loop.

It’s possible that the ATV hardware decided this afternoon to spontaneously suffer a failure while it was sitting idle. But the fact that Apple just released 18.4.1 makes me suspect that the firmware update got pushed to my unit and bricked it.

I’ve never had to try this myself, but see this article:

and see if the suggestion under “How to reset your Apple TV using your computer” works.

There was one time when one of my Apple TVs was not working - it seemed to be doing what you describe. It’s an older Apple TV HD model, connected to a non-4K TV, but I was getting ready to buy a new 4K - but a few hours later it was working fine.

Doug,
Thanks for replying. Unfortunately that Business Insider article is behind a paywall. When I tried to view it, they wanted me to sign up for a trial subscription…

From the date on the article (March 2020), I suspect it’s out of date and not applicable to the ATV 4K models. I’d already found an Apple support article on the topic, which says to connect the ATV to a Mac using a USB cable. The 4K models did away with the USB jacks. I can’t even find a tiny hole that might have a reset switch behind it. Apple’s advice for the 4K model is to “contact support”.

However, this morning I was successful in getting the ATV back on the air. I’ll post an update to my original post with an explanation.

After sleeping on the problem, I tackled it again this morning, as my wife is very keen to watch something today and wants the damn thing fixed…

Yesterday I had tried power-cycling the ATV a number of times, to no avail. Tried doing so with the RJ45 cable to my LAN plugged in, and not plugged in. Even tried hooking it up to another TV to rule out mystery HDMI interface issues. No joy.

I left it unplugged overnight, and powered it up this morning, but this time with my iPhone next to it. I recalled that when booting up a brand-new ATV fresh out of the box, part of the start-up procedure is to put one’s iPhone nearby so it can suck in AppleID info, password, and who knows what else over Bluetooth. The ATV powered up and as if by magic, a prompt appeared on the iPhone asking if I wanted to reset the ATV firmware. Possibly asked if I wanted to reload the firmware. I should have taken a screenshot, but in my excitement, I just clicked OK.

An authentication screen appeared on the phone, asking for a 6-digit code. At the same time, a 6-digit code was displayed on my TV. I tapped the code into the phone, then Continue. The link activity light on my ethernet switch started flashing - the ATV was clearly downloading something - and a progress bar appeared on the TV. The white LED on the ATV was flashing. After about 10 minutes, the progress bar got to 100%, then what looked like a boot cycle: black screen, Apple logo, black screen. Then another progress bar, which lasted about 2 minutes. Then another boot cycle: black screen, Apple logo.

Finally, the tvOS Home screen appeared :grinning: :tada:. And surprisingly, the ATV was still configured with all my apps and passwords, screen layout, recently watched shows, etc. I was expecting that it would have been reset back to factory defaults with a fresh install of tvOS, but that was not the case. It does have 18.4.1 now.

I can’t be 100% certain that the failure yesterday was due to Apple automatically pushing out 18.4.1. It might have been caused by some random event in cyberspace, or a cosmic ray particle scrambling something in the firmware. In any event, it’s back online, and family harmony has been restored.

If you’re ever faced with an ATV 4K that refuses to power up, putting your iPhone nearby as it boots might help.

Yes. There are secret pins behind the Ethernet jack that are electrically equivalent to a Lightning connector. You can connect it to a Mac for restoration, but you need a proprietary cable, which is not sold.

I found a Reddit thread that suggests a few ways to reset an Apple TV 4K. You might want to try one of them.

See also:

@Shamino
Thanks for the follow-up, and the Reddit link. One of the commenters there suggested power-cycling several times in a row to get it to come up in a recovery mode. On Saturday when the problem first appeared, I had power-cycled it a few times, but not repeatedly, and probably not the 5 times suggested.

As I wrote in yesterday’s update, I did manage to bring it back to life. That happened following the first-of-the-day power up - it had been without power overnight - while my iPhone was nearby.

It’s now working fine, except I just noticed that the time display in the upper-right corner of the home screen is incorrect. It’s NOT a time zone issue: clock time = 10:51am, ATV time = 7:00pm. Restarting doesn’t help. The ATV is correctly determining the correct time zone to use, but it seems that it’s no longer obtaining network from NTP.

We have another ATV 4K in the house. It’s still running 18.3.?, and it displays the time just fine, as do all our other devices.

The incorrect time has now been resolved by yet another power cycle!
I find it odd that a Restart did not force tvOS to obtain an update from NTP, but it is what it is.

Has anyone noticed that the tone to signal when you get a new email on iOS no longer works? I called Apple and all they said is that it has been “Reported”.

After installing the update my M1 16″ MacBook Pro started up fine. BUT—
Mail started up minus the tabs in the Viewer Window (and thus no “+” tab to open more tabs).
Safari started up with a single Window with no tabs, losing my other windows with their own collections of tabs that I use daily.
This was unexpected and annoying. :slightly_frowning_face:

Apparently, HomePod Software 18.4.1 also came out a few days later, with “performance and stability improvements.”

My OG HomePods automatically updated. I had a scare when one, of a pair, stopped working with my Apple TV.

As I have done a few times over the years I…

Unplugged both HomePods
Restarted the Apple TV
Changed the audio output to the TV
Plugged the HomePods back in
Changed audio output back to the HomePods

Everything is working again :crossed_fingers:

I have a 2023 16″ MB Pro. After upgrading to 15.4.1, two different non-Apple chargers now report as 8W, while Apple brick says 86W. And the non-Apple chargers will not increase the battery charge if the laptop is open. When it’s closed, it increases by about 2%/hour which tracks pretty well with how long it takes to fully charge on the Apple charger.

Interestingly I don’t think I observed this with the upgrade from 15.3 to 15.4.