Apple Will Enable iOS 18 Security Updates for iOS 26-Capable Devices

wired.com · tech234a · 11 days ago · view on HN · news
quality 7/10 · good
0 net
Tags
apple google malware mobile phishing
Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool | WIRED Skip to main content Comment Loader Save Story Save this story Comment Loader Save Story Save this story When it comes to iOS , Apple has largely maintained a take-it-or-leave-it approach to security updates. Want the software patches Apple creates to fix the vulnerabilities exploited by hackers to compromise iPhones? Then the company would tell you to update your phone to the latest version of iOS your hardware can handle—with no room for lingering on an older version just because you enjoy its retro look or familiar features. Now, however, the appearance of not one but two sophisticated, in-the-wild iPhone hacking techniques in a single month—and some iPhone owners’ distaste for the look and feel of the latest version of iOS —may have finally shifted Apple’s patching policy. For the second time in just a few weeks, Apple is responding to the spread of a hacking tool by pushing out patches for older versions of iOS—and in the latest case, even for phones that have the capability to upgrade to its most recent version. An Apple spokesperson tells WIRED that the company will issue software updates on Wednesday morning to protect iOS users from a hacking technique known as DarkSword , which is capable of silently taking over certain iPhones running iOS 18—the previous version of Apple’s mobile operating system—when they visit a website infected with the malicious code. Users of Apple’s latest iOS version released in September, iOS 26, were already protected against DarkSword. But the new patch push is designed to specifically protect vulnerable iOS 18 users who have so far resisted updating to iOS 26. Apple’s move to allow iOS 18 users to patch their devices without updating to its latest operating system version—a practice of protecting an older operating system version that the cybersecurity industry calls “backporting” a patch—marks a surprising pivot for Apple. When researchers at Google and cybersecurity firms iVerify and Lookout revealed DarkSword nearly two weeks ago, Apple released iOS 18-specific patches only for older devices whose hardware was incompatible with iOS 26, and recommended all other users update to its most recent OS version. Given that as many as a quarter of all iPhone users remained on iOS 18 as of February—and many of those users have consciously chosen not to upgrade to iOS 26 because of the unpopularity of its features like Apple's new “liquid glass” interface —that left many millions of holdouts facing a dilemma between their software preferences and their security. Apple now appears to be changing its position in an effort to protect those holdouts. “Tomorrow we are enabling the availability of an iOS 18 update for more devices so users with auto-update enabled can automatically receive important security protections,” an Apple spokesperson wrote in a statement to WIRED. “We encourage all users with supported devices to update to iOS 26 to receive our most advanced protections.” Users of iOS 18 who have auto-update turned on will automatically receive the version of iOS 18 that’s patched against DarkSword, while those who don’t have auto-update enabled will have the option to update to either the latest, patched version of iOS 18 or to iOS 26. Criticism of Apple's lack of backported patches for iOS 18 had grown over the past two weeks, as DarkSword proliferated among hacker groups that have used the tool for everything from espionage to cryptocurrency theft. According to Google , DarkSword has been used by various hacker groups to break into the iPhones of users in Malaysia, Saudi Arabia, Turkey, and Ukraine. In at least some instances, the code was left in a fully reusable state on the legitimate websites that had been compromised by hackers to carry out DarkSword's intrusions, complete with helpful comments from its developer about how it worked, all making the tool easy to repurpose for any hacker that finds it. Last week, DarkSword was then posted to open source code repository GitHub , making it all the more accessible. Security firms Malfors and Proofpoint soon after warned that another Russian hacker group linked to the Kremlin's FSB intelligence agency was sending out phishing emails that used the technique. Independent security researcher Johnny Franks tells WIRED that he found yet another new, active domain—a fake website written in English, capable of infecting US-based users—that was part of a DarkSword hacking campaign as late as Thursday of last week, a finding confirmed by mobile security firm iVerify. Despite DarkSword’s growing threat to iOS 18 users, many stubbornly refused to update to iOS 26. On Reddit channels related to cybersecurity and iOS, some self-identified iPhone owners discussing DarkSword argued that Apple seemed to be taking advantage of the DarkSword hacking campaigns to push them onto its latest OS version, which some have found to be slow or overly animated . “Apple is trying to force you onto the dumpster fire that is liquid glass,” one Reddit user wrote. “If this is so serious, why wouldn't Apple insert a fix into iOS 18.x," another Redditor named asked. “It's all bullshit propaganda!” another user wrote. “Not updating my phone is perfect on iOS 18.1.1." For cybersecurity experts who have been waiting for Apple to act, the company’s move to now cater to those stubborn iOS 18 users received “better-late-than-never” reviews. “Apple is now, finally, doing this for the DarkSword exploits, but only after they were already being abused by other attackers, putting iOS users at risk,” says Patrick Wardle, a former NSA hacker and now the CEO of the Apple-device-focused security firm DoubleYou. “If protecting users actually matters, backporting critical fixes should be standard, not the exception.” DarkSword is, in fact, the second sophisticated, in-the-wild iPhone hacking technique in just the last month that’s inspired Apple to take the rare step of pushing out fixes for older versions of iOS. Earlier in March, the company also backported patches to protect users from a different, even more sophisticated iOS hacking toolkit known as Coruna . A week after researchers at Google and iVerify revealed that the Coruna iOS exploitation kit—which was likely created for the US government—had spread from Russian espionage hackers to profit-focused cybercriminals, Apple released security fixes for iOS 17, the even older version of Apple's mobile operating system that was vulnerable to Coruna’s set of hacking techniques. DarkSword's ability to compromise iOS 18 devices, however, left a different set of users vulnerable. Rocky Cole, cofounder of iVerify, notes that some of those users may have held out on updating to iOS 26 until now not simply because they don’t like its features but because they use specific or custom-made apps that aren't compatible with newer operating systems. In the UK, Apple has also added age verification features to iOS 26 that some users have resisted. Others may simply not have had enough storage space on their phone to carry out the update. “Apple left a very large number of people vulnerable for a pretty long time,” Cole says of the two weeks it’s taken the company to push out the new fixes. “As to why they didn't backport fixes until now, I don't know. This is a severe enough problem that it merited doing it.” Apple's historic practice of avoiding patching older versions of iOS may have escaped controversy, Cole argues, only because iOS hacking techniques have rarely spread as widely and publicly as DarkSword and Coruna. Apple has long described iPhone hacking as a rare phenomenon carried out by sophisticated hackers targeting small numbers of high-risk users. But DarkSword's appearance, especially coming on the heels of a similarly dangerous hacking toolkit revealed earlier the same month, has forced Apple and the people who use its products to reckon with the fact that iOS's security features haven't made them immune from intrusion—and to consider the trade-offs of protecting them. “There are people out there who are, for one reason or another, unwilling or unable to use the latest version of iOS,” says Cole. If insisting that users update to that most recent operating system is Apple’s only security strategy, he says, “there are going to be a very large number of iPhone users exposed to these increasingly pervasive and severe attacks.” Comments Back to top Triangle You Might Also Like In your inbox: Will Knight's AI Lab explores advances in AI ‘Flying cars’ will take off this summer Big Story: Inside OpenAI’s race to catch up to Claude Code How ‘Handala’ became the face of Iran’s hacker counterattacks Listen: Nvidia’s ‘Super Bowl of AI,’ and Tesla disappoints Andy Greenberg is a senior writer for WIRED covering hacking, cybersecurity, and surveillance. He’s the author of the books Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency and Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers . His books ... Read More Senior Writer X Topics apple ios iPhone hacks malware Russia hacking cybersecurity Limited Time: Turbotax Full Service for $150 This April Tax season doesn’t have to be stressful. Score up to $150 on federal tax filings and more exclusive TurboTax discount codes on WIRED. Molly Higgins Save 15% With This Exclusive Shed Rain Coupon Get 15% off functional, fashionable umbrellas with our exclusive Shed Rain discount code. Molly Higgins Get Up to $100 Off at Logitech This Month Score up to $100 off refurbished premium products, free shipping on orders of $29+, and more at Logitech. Molly Higgins 50% Off Select Items With These Ring Camera Deals Discover how to save on Ring cameras, doorbells, outdoor cameras, and more. Nena Farrell Top Western Digital Promo Code: April 2026 Get 10% off your first order at Western Digital when you register your email. Molly Higgins Lovehoney Coupon Offers: Toys, Lingerie, and Gift Set Discounts Save on Lovehoney, including bestselling toys, lingerie, and popular gift sets for date nights, self-care, and couples’ play. Amanda Chatel Top OnePlus Promo Code This April Save 30% with a OnePlus coupon this month, plus save up to 10% on earbuds, phones, and more. Molly Higgins Artemis II Mission Launches Successfully The crew of Artemis II will not descend to the moon, but their capsule will fly over the far side of its surface. Jorge Garay California Suspends Enforcement of Law Requiring VCs to Report Diversity Data After investors appealed to the governor, California again delayed the deadline for venture firms to disclose the demographics of startup founders they back. Paresh Dave Get Big Savings on Last Year’s Best Samsung OLED TV The gorgeous Samsung S95F QD-OLED is on super sale ahead of the newest models hitting stores. Ryan Waniata FDA Approves Eli Lilly’s GLP-1 Pill Eli Lilly’s once-daily Foundayo is the second obesity pill to receive FDA approval. It will compete with Novo Nordisk’s pill version of Wegovy. Emily Mullin AI Models Lie, Cheat, and Steal to Protect Other Models From Being Deleted A new study from researchers at UC Berkeley and UC Santa Cruz suggests models will disobey human commands to protect their own kind. Will Knight
← Back to stories