Apple's latest iOS update fixes a major iPhone security flaw

Just two weeks after rolling out iOS 18.3, Apple is already back with another update. The latest iOS 18.3.1 doesn’t bring new features, but it does patch a critical flaw in USB Restricted Mode—one that Apple says was exploited in an “extremely sophisticated” attack.

The bug, tracked as CVE-2025-24200, allowed attackers with physical access to a locked iPhone or iPad to disable USB Restricted Mode without a passcode. This is a big deal because USB Restricted Mode, introduced back in iOS 11.4.1 (2018), was designed to block hacking tools from extracting personal data via the charging port. Apple didn’t share many details about how long the vulnerability had been in play, but it raises concerns about whether similar vulnerabilities have been lurking unnoticed for years.

The exploit was found by Citizen Lab’s Bill Marczak, whose work has previously exposed spyware used for surveillance. While Apple didn’t confirm who was targeted, the company’s language— “specific individuals”—suggests it wasn’t just a random security flaw, but something potentially used in high-profile attacks.

For Apple, the timing of this update is also interesting. While it’s standard practice to push security patches, the company is also strongly urging users to upgrade, a move that could help drive iOS 18 adoption, which currently sits at just 68% among iPhone users. Given that Apple has a history of rolling out urgent fixes that quietly nudge users toward newer versions, it’s hard to ignore the possibility that this update serves a dual purpose.

Regardless of the motivation, the bottom line is clear—if you haven’t updated your iPhone yet, now might be the time to do it. As usual, to update your iOS version to iOS 18.3.1, go to Settings > General > Software Update.