Mastodawn

The security update protects a raft of older iPhones and iPads from attacks linked to leaked hacking tools called DarkSword. https://techcrunch.com/2026/04/01/apple-releases-security-fix-for-older-iphones-and-ipads-to-protect-against-darksword-attacks/?utm_source=dlvr.it&utm_medium=mastodon

Show thread

Tom Sellers 2d ago

@TechCrunch @zackwhittaker

Apple says users running its latest software, iOS 26, were protected weeks ago. The company has also released a new update to iOS 18 users with iPhones and iPads that are unable to run iOS 26 software.

But with Wednesday’s update, Apple has now provided DarkSword fixes for the millions of users with unpatched devices that are capable of updating to iOS 26 but who have chosen not to update.

Users running 18.7.3 were already protected.

Google ref here: https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors | Google Cloud Blog

DarkSword is a new iOS exploit chain that leverages multiple zero-day vulnerabilities to fully compromise iOS devices.

Google Cloud Blog

Show thread

Tom Sellers 2d ago

@TechCrunch @zackwhittaker

Per Google's writeup only one DarkSword CVE was not patched in 18.7.3 and it is not patched in 18.7.7

Show thread

Tom Sellers

@TechCrunch @zackwhittaker

AFAICT, this is the only part of the patch notes relevant to DarkSwort

"We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security protections from web attacks called Darksword. The fixes associated with the Darksword exploit first shipped in 2025."
https://support.apple.com/en-us/126793

About the security content of iOS 18.7.7 and iPadOS 18.7.7 - Apple Support

About the security content of iOS 18.7.7 and iPadOS 18.7.7

Apple Support