Apparently, Apple isn’t going to patch iOS 18.6.2, meaning I either risk my information with DarkSword or my sanity with iOS 26.
Say what you want about Microsoft — please! use profanity! — but they wouldn’t let a zero-interaction, full-exfil bug go unfixed on a seven month old release.
@mttaggart Nothing explicit, but reading between the lines…
iOS 26 has been fixed. iOS 18 for devices that can’t run iOS 26 has been fixed. And those who can run iOS 26 but don’t want to? [Conspicuous silence.]
@gknauss I think the thing is to move to 18.7.3, which is patched.
For devices running versions of iOS prior to 18.6, DarkSword uses CVE-2025-31277, a JIT optimization/type confusion bug which was patched by Apple in iOS 18.6. For devices running iOS 18.6-18.7, DarkSword uses CVE-2025-43529, a garbage collection bug in the Data Flow Graph (DFG) JIT layer of JavaScriptCore which was patched by Apple in iOS 18.7.3 and 26.2 after it was reported by GTIG. Both exploits develop their own fakeobj/addrof primitives, and then build arbitrary read/write primitives the same way on top of them.
I'm unaware of a compelling reason or hardware limitation to not upgrade from 18.6 to 18.7
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/
Greg Knauss
Taggart
mirabilos