Apple Issues Rare iOS 18 Security Patches for DarkSword Threat
▼ Summary
– Apple is changing its long-standing policy by issuing security patches for older iOS versions, specifically iOS 18, to protect against hacking tools like DarkSword.
– This “backporting” practice is a shift, as Apple previously required users to update to the latest iOS version for security fixes, even on capable devices.
– The change responds to significant user resistance to iOS 26’s features and the active exploitation of vulnerabilities affecting millions who stayed on iOS 18.
– The DarkSword hacking tool can silently compromise iPhones via infected websites and has been used for espionage and theft in multiple countries.
– Apple will automatically deliver the iOS 18 patch to users with auto-update enabled, while others can choose between the patched iOS 18 or updating to iOS 26.
Apple has long adhered to a strict policy for iOS security, typically requiring users to upgrade to the latest available operating system version to receive critical patches. This approach left those who preferred older software versions in a difficult position, forced to choose between interface familiarity and device protection. The emergence of two distinct, active iPhone hacking campaigns within weeks, combined with significant user resistance to the latest iOS 26 update, has now prompted a notable shift in the company’s strategy. For the second time recently, Apple is releasing security fixes for previous iOS versions, a move that extends protection even to devices capable of running its newest software.
This week, Apple confirmed it will issue updates to defend against a hacking technique known as DarkSword. This sophisticated threat can silently compromise certain iPhones still running iOS 18 when they visit a maliciously crafted website. While users on the current iOS 26 release were already safeguarded, the new patches are specifically designed for the millions who have opted to remain on the older operating system. This practice of backporting a security fix to an older software version represents a significant departure from Apple’s traditional stance.
When security researchers from Google, iVerify, and Lookout first disclosed DarkSword nearly two weeks ago, Apple initially released iOS 18 patches only for older hardware incompatible with iOS 26. All other users were directed to upgrade to the latest OS. This created a security dilemma for a substantial portion of the iPhone user base. As of February, roughly a quarter of all iPhone users remained on iOS 18, with many actively avoiding the upgrade to iOS 26 due to unpopular features like the new liquid glass interface.
Facing growing criticism and the rapid spread of the DarkSword tool, Apple is now adjusting its position to protect these users. A company spokesperson stated that an iOS 18 update is being made available for more devices, allowing those with auto-update enabled to receive vital security protections automatically. The spokesperson reiterated, however, that updating to iOS 26 provides the most advanced protections available.
Users on iOS 18 with auto-update enabled will automatically receive the patched version. Others will be presented with a choice to update either to the secured version of iOS 18 or to migrate fully to iOS 26. The pressure for this policy change mounted as DarkSword proliferated among hacker groups, who have used it for purposes ranging from espionage to cryptocurrency theft. According to Google’s findings, the tool has been deployed against targets in Malaysia, Saudi Arabia, Turkey, and Ukraine.
In several cases, the DarkSword exploit code was discovered on compromised legitimate websites in a fully reusable state. The code even included developer comments explaining its functionality, making it relatively easy for other threat actors to find and repurpose. This accessibility heightened the risk for unpatched devices, underscoring the urgency behind Apple’s decision to extend its security support to older, yet still widely used, software versions.
(Source: Wired)
