Apple made the iOS 18.7.7 version available this Wednesday, with build 22H340, and the corresponding iPadOS 18.7.7 for all eligible iPhones and iPads. The measure expands the scope of a security update that corrects a vulnerability exploited by attacks known as DarkSword. Usuários who keep the automatic updates feature activated receive protection automatically.
Older devices had already received a previous build of the same version in recent days. The new build extends the fix to newer devices still running iOS 18 or iPadOS 18. The flaw allowed attackers to silently take control of the device when visiting compromised websites.
Update fixes remote code exploitation
The fix addresses an authentication issue addressed with improved state management. Essa vulnerability was part of a chain of exploits called DarkSword, capable of compromising devices running versions of iOS 18 between 18.4 and 18.7. Exploitation occurred through malicious websites without additional user interaction beyond visiting the page.
Researchers have identified the use of the chain by multiple actors, including commercial surveillance providers and suspected state-sponsored groups. The chain combined several vulnerabilities to achieve remote code execution and installation of malicious payloads.
- The flaw mainly affected browser Safari and related components.
- Attacks could extract sensitive data such as credentials and cryptocurrency wallet information.
- Cleaning occurred quickly after exfiltration to reduce traces.
Protection expansion covers users who have not migrated to a newer version
Apple chose to make this specific fix available in iOS 18 even for those who have not yet updated to iOS 26.4 or higher. Dispositivos who are already running the latest system have protection against the same threat from previous releases. The initiative aims to reduce the risk for a significant portion of users who remain on the previous version for various reasons.
The update appears in the Ajustes > Geral > Atualização section of Software. Quem has automatic updates enabled and should receive notification soon. Especialistas recommend manually checking availability to ensure installation as soon as possible.
Compatible devices receive unified build
All iPhones and iPads supported by iOS 18 and iPadOS 18 now access the same patched build. Anteriormente, the initial version of 18.7.7 was limited in scope to older models. The change reflects the company’s concern about the active proliferation of the exploit chain.
The move represents an unusual approach, as Apple generally targets priority security fixes for the latest version of the system. However, the severity of the threat led to the decision to expand support.
Recommendations for end users
Users must access the device settings and confirm if the update is available. Installation requires stable internet connection and sufficient battery or charger connected. Após update, the device maintains the iOS 18 version with the protections applied.
Apple does not publicly detail all fixed vulnerabilities until updates are widely available. The company reinforces the importance of keeping the operating system updated to mitigate the risk of attacks via the web.
Technical details of the fix
The new build 22H340 solves the authentication problem with better state management. Essa approach prevents the exploit chain from escalating privileges and injecting malicious payloads. The fix complements patches already applied to newer versions of the system.
Devices that remain on iOS 18 directly benefit from this measure. The update does not change user-visible features, focusing exclusively on internal security.
Importance of rapid updates in active threat scenarios
The DarkSword chain has been observed in targeted campaigns since late 2025. Exploitation via compromised or malicious websites allowed full device access within seconds. The rapid spread among different actors raised the level of urgency for the correction.
Security experts highlight that keeping the system up to date remains the main defense against this type of remote threat. Usuários that cannot migrate to newer versions now have specific protection within iOS 18.
Apple recommends periodically checking the availability of security updates. The process occurs simply through the device’s settings menu.