If you have any Apple devices running iOS 18, then make sure they have the latest patches installed.
Apple has released an urgent iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respectively tracked as CVE-2024-44207 and CVE-2024-44204.
The company addressed the vulnerability by improving checks. The flaw was reported by Michael Jimenez and an anonymous researcher.
The first vulnerability CVE-2024-44207 may allow threat actors to capture short snippets of audio messages in messages before the microphone indicator is activated.
The second vulnerability CVE-2024-44204 is a logic issue that could potentially enable VoiceOver to read aloud users’ saved passwords. The issue was addressed with improved validation. It was reported by the researcher Bistrit Dahal.
Apple says these updates are available for the iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
Apple is not aware of the attack in the wild, exploiting the above vulnerabilities.
