Apple released iOS 18 on Monday, along with 33 security fixes and a bunch of new iPhone features. Apple’s iOS 18 was issued at the same time as iOS 17.7, a security-only update for iPhone users who want to wait to upgrade their devices.

While iOS 17.7 contains 16 security fixes, iOS 18 comes with over twice that number. Some of the flaws fixed in iOS 18 are serious, impacting WebKit, the engine that underpins the Safari browser and the Kernel at the heart of the iPhone operating system.

Among the notable issues fixed in iOS 18 are two vulnerabilities in the Kernel, tracked as CVE-2024-44165 and CVE-2024-44191 – which could allow an app to gain unauthorized access to Bluetooth. A flaw in the Sandbox, CVE-2024-40863, could see an app leak sensitive information. Meanwhile, CVE-2024-40857 is an issue in WebKit where processing maliciously crafted web content could lead to universal cross site scripting.

A second bug in Webkit, CVE-2024-44187, could see a malicious website exfiltrate data cross-origin, Apple said on its support page.

A flaw in Core Bluetooth tracked as CVE-2024-44124 —also fixed in iOS 17.7 — could allow a malicious Bluetooth device to bypass pairing.

Some of the updates in the release of iOS 18 are “fairly significant” — such as the ability to connect malicious Bluetooth devices, says Sean Wright. However many of these don’t appear in the 17.7 release, so Wright suggests these vulnerabilities are specific to the iOS 18 Beta. “My advice is that if you are running the Beta version, you should update as soon as you can,” he says.

iOS 17.7 Or iOS 18?

Some people will decide to update to iOS 17.7, to wait for any early issues with iOS 18 to be ironed out. But it’s worth noting that updating to iOS 18 will make your iPhone more secure overall.

Apple focuses more closely on iPhone security fixes in iOS 18, so the range of patches will be broader, plus it has added a range of new security features. The most significant is the passwords app, a big improvement on the iCloud Keychain including the same functionalities of a full service password manager such as 1Password.

Apple’s iOS 18 contains some cool privacy features too, such as the ability to hide sensitive apps so they can only be accessed using Face ID when others are using your device.

If your iPhone can run iOS 17, it can run iOS 18 too. However, some of the more advanced AI features coming at the end of the year are only available for iPhone 15 and later.

For users contemplating sticking with iOS 17 or moving to iOS 18, it will be a personal preference rather than a security one, says Wright. “Many people will prefer to stay on the older iOS 17 to allow the initial kinks in iOS 18 to be ironed out — and that’s a perfectly reasonable to position to take.”

So, you know what to do. Go to your Settings > General > Software Update and update to iOS 18 or iOS 17.7 now.

Share.
Exit mobile version