Apple Pushes Rare iOS 18 Patch for Devices at Risk from DarkSword Exploit

Summary

Apple is pushing a rare security update to iOS 18 devices to defend against the DarkSword exploit, a publicly discussed iPhone exploitation tool that targets vulnerabilities already patched in iOS 26. The update will be deployed automatically to supported devices, addressing concerns that many users delay major OS upgrades due to compatibility or storage constraints. While the backported fixes offer protection, security experts note that DarkSword exploited zero-day vulnerabilities, meaning attackers may have already had a window of opportunity before patches became available.

Full text

Security Apple iPad iPhoneApple Pushes Rare iOS 18 Patch for Devices at Risk from DarkSword Exploit Apple pushes rare iOS 18 security patch to protect devices at risk from the DarkSword exploit, urging users to update or move to iOS 26 for stronger protection. byWaqasApril 1, 20263 minute read Apple is taking an unusual step to protect older iPhones, confirming it will push a security update to devices still running iOS 18 to block the DarkSword exploit. This move follows growing concern around DarkSword, a publicly discussed iPhone exploitation tool that targets vulnerabilities already addressed in newer systems. While Apple had focused on encouraging users to upgrade to iOS 26, the company is now extending key protections to those who have not made the jump. According to a statement shared with Wired, Apple will release an updated version of iOS 18 that includes the same defenses already built into iOS 26. The update is expected to roll out automatically to supported devices with auto-update enabled, reducing the risk for users who delay major OS upgrades. This decision is important because not everyone updates right away. Many users hold off due to compatibility concerns or storage limits. In those cases, older devices can remain exposed longer than intended, especially when exploit tools like DarkSword become publicly known. DarkSword itself has drawn attention after reports suggested it could be used to compromise iPhones by targeting specific flaws in the operating system. Once exploited, attackers could gain access to sensitive data or take control of key device functions. For context, a working version of the DarkSword exploit chain was publicly leaked on GitHub, making it easy for even less skilled attackers to use it for malicious purposes. While Apple is pushing updates for older versions, it is still pushing users toward iOS 26. In its statement, the company emphasized that the latest version offers the strongest protection set, even with the backported fixes in place. Users running supported devices are still advised to upgrade fully when possible. Rocky Cole, co-founder and COO at iVerify, said the DarkSword exploit highlights a deeper issue with how modern mobile threats operate. In many cases, a user does not need to install anything or click a suspicious file; simply visiting a legitimate but compromised website can be enough to trigger the attack and extract sensitive data. He noted that Apple’s decision to extend protections to iOS 18 reflects pressure from the security community, especially given that a notable portion of users remain on older versions. Leaving those devices exposed would be difficult to justify for a company that positions privacy and security as core principles. At the same time, Cole pointed out that patching alone has limits. Several components linked to DarkSword were zero-day vulnerabilities when first observed, meaning fixes were not available at the time of exploitation. By the time updates arrive, attackers may have already had a window of opportunity. He also highlighted a changing user pattern. In the past, most iPhone users upgraded quickly after a new release. That trend has slowed, with some users choosing to stay on iOS 18 due to design changes in newer versions or regulatory friction in regions like the UK. As a result, Apple can no longer assume rapid adoption of its latest software. For enterprise environments, additional layers of mobile protection exist, but everyday users depend almost entirely on Apple’s built-in defenses. Unlike other platforms, third-party security tooling on iOS remains limited, which places more weight on Apple’s own response. While backporting patches is a positive step, Cole argues it may not be enough on its own, especially as the market for zero-day exploits continues to grow. If you are still on iOS 18, keep automatic updates turned on and install the patch as soon as it appears. If your device supports iOS 26, upgrading remains the better option for long-term protection. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. View Posts AppleCybersecurityDarkSwordExploitiPhonePrivacy Leave a Reply Cancel reply View Comments (0) Related Posts Security Privacy Surveillance Almost Every Major Free VPN Service is a Glorified Data Farm There ain't no such thing as a free lunch. byJohn Mason Read More Security Phishing Scam Geo Targetly URL Shortener Abused in Phishing Scam Threat actors are targeting unsuspecting users with tailored phishing scam attacks based on victims’ location, making it more convincing than ever. byDeeba Ahmed Read More Malware Security New Wave of Cyberattacks Targeting MS Exchange Servers Cybercriminals are leveraging two exploit chains (ProxyNotShell/OWASSRF) to target Microsoft Exchange servers, as warned by Bitdefender Labs. byWaqas Read More Hacking News Security Xfinity Rocked with Data Breach Impacting 36 Million Users The latest Xfinity data breach is linked to the critical Citrix Bleed vulnerability. byDeeba Ahmed

Indicators of Compromise

• malware — DarkSword