Apple urges users to update: iOS 18.3.1 fixes critical security flaw

Apple has released iOS 18.3.1, an urgent security update designed to address a critical vulnerability already being exploited in real-world attacks. iPhone users are strongly advised to update immediately to protect their devices from potential threats.

A Targeted Security Breach

The vulnerability, tracked as CVE-2025-24200, involves an issue in the Accessibility feature that allows a physical attack to disable USB Restricted Mode on a locked device. This security flaw could potentially give attackers unauthorized access to sensitive data. Apple has acknowledged reports of this vulnerability being exploited in highly sophisticated attacks against select individuals.

The flaw was reported by Bill Marczak of The Citizen Lab at the University of Toronto’s Munk School, a research organization known for uncovering digital espionage threats. Given The Citizen Lab’s involvement, it is likely that this vulnerability was used in targeted surveillance campaigns, affecting high-profile individuals such as journalists, activists, and government officials.

Understanding USB Restricted Mode

USB Restricted Mode, introduced in iOS 11.4.1, is a critical security feature designed to prevent unauthorized access via USB ports when a device is locked. By default, it ensures that accessories can only connect if the device is unlocked at the time of connection. This feature helps mitigate the risk posed by hacking tools like GrayKey, which are often used by law enforcement agencies to access locked devices. However, with this new vulnerability, attackers may have found a way to bypass these restrictions, making it crucial for users to install iOS 18.3.1 as soon as possible.

A Surprise Change to Apple Intelligence

Aside from the critical security fix, users have noticed an unexpected change in iOS 18.3.1: Apple Intelligence is being re-enabled by default, even for those who had previously turned it off. This issue was first reported by Apple-focused site 9to5Mac and confirmed by security researchers.

Apple Intelligence, the company’s AI-driven assistant, processes some requests on-device while others are handled through Apple’s Private Cloud Compute. Although Apple prioritizes user privacy, concerns remain about how AI-driven services handle personal data. Additionally, where ChatGPT is integrated with Siri via Apple’s partnership with OpenAI, users must manually approve any data sent to OpenAI’s servers, which are subject to different privacy policies.

Users who prefer to keep Apple Intelligence disabled should manually turn it off again by navigating to Settings > Apple Intelligence & Siri after updating to iOS 18.3.1.

Performance and Stability Improvements

Despite concerns about Apple Intelligence being re-enabled, early reports from users indicate that iOS 18.3.1 is performing well. Many Reddit users have reported smoother performance compared to iOS 18.3. Some even claim their iPhones are running faster and more efficiently after the update.

Additional Updates for Apple Devices

Alongside iOS 18.3.1, Apple has rolled out updates for several other devices, including macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1, and visionOS 2.3.1. However, Apple has not provided specific details about the security fixes included in these updates, only stating that they contain "important security fixes." This lack of transparency has led some security researchers to speculate that Apple may have reused standard release notes without fully documenting the changes.

Importantly, Apple has not issued updates for tvOS and HomePod software, leaving questions about whether these platforms remain vulnerable to certain security threats. Additionally, while macOS Sequoia receives full security updates, older macOS versions only receive partial patches, making it essential for users to stay on the latest operating system whenever possible.

Why You Should Update Now

The vulnerability fixed in iOS 18.3.1 is not a theoretical concern—it is actively being exploited. While the attack requires physical access to the device, its targeted nature means that high-profile individuals, such as journalists, business leaders, and government officials, are at particular risk. Even for everyday users, staying updated is one of the best defenses against evolving cyber threats.

“Keeping devices up to date with the latest patches is one of the most effective ways to safeguard against attackers,” says Adam Boynton, senior security strategy manager at Jamf.

To update to iOS 18.3.1, go to Settings > General > Software Update and follow the on-screen instructions. The update is available for all iPhones from the iPhone XS and later, as well as a range of iPads.

As security threats continue to evolve, timely updates like iOS 18.3.1 are crucial in keeping devices secure. If you haven’t updated yet, now is the time to do so and ensure your data remains protected.