Apple has broadened the reach of its iOS 18.7.7 and iPadOS 18.7.7 updates as of April 1, 2026, to encompass a wider array of devices. This strategic move is intended to protect users from the DarkSword exploit, a recently uncovered security threat. The company aims to ensure that users with automatic updates enabled receive these crucial security enhancements against web-based attacks.
Devices Receiving the Update
The update is now accessible for various iPhone models including the iPhone XR, XS, XS Max, 11, SE (2nd and 3rd generation), 12, 13, 14, 15, 16, and 16e. Additionally, iPad models such as the iPad mini (5th generation), iPad (7th generation), and several iPad Air and iPad Pro models are also included. This expansion covers devices capable of upgrading to iOS 26 but still operating on older versions.
Initially, iOS 18.7.7 was released on March 24, 2026, but was limited to specific devices like the iPhone XS, XS Max, XR, and the iPad 7th generation. Apple has also encouraged users to update older devices to versions iOS 15.8.7 and iOS 16.7.15 to mitigate risks associated with DarkSword and another vulnerability, Coruna.
Security Implications and User Actions
This update marks a significant move by Apple, diverging from its typical strategy of requiring users to upgrade to the latest iOS version for security patches. The company has emphasized the importance of protecting devices from vulnerabilities, offering users the choice to update either to the patched version of iOS 18 or to iOS 26.
The urgency of this update is underscored by information shared by Google’s Threat Intelligence Group and others, which have highlighted the active use of DarkSword in attacks across regions including Saudi Arabia and Ukraine. These attacks exploit devices running iOS versions between 18.4 and 18.7 through compromised websites.
Cybersecurity Concerns and Future Outlook
The threat posed by DarkSword is further amplified by its ability to deliver backdoors and data miners, allowing unauthorized access and data theft. The discovery of newer versions of this exploit on platforms like GitHub raises alarms about potential widespread misuse by threat actors.
As part of its response, Apple has started issuing Lock Screen notifications to users of older devices, urging them to update their systems to fend off such threats. The tech giant’s swift action reflects its commitment to device security and user privacy, especially as cyber threats continue to evolve.
Experts, including those from iVerify, have highlighted the critical nature of addressing these vulnerabilities to prevent data breaches. The proactive approach of backporting security patches to older software versions is seen as a necessary step in mitigating the risks posed by zero-day exploits.
