iOS 18.3.1 and iPadOS 18.3.1 Fix Critical Zero-Day Vulnerability

Apple released yesterday iOS 18.3.1 and iPadOS 18.3.1 to fix a critical zero-day vulnerability that may already be used to steal data from locked iPhones and iPads. Attackers exploiting this security flaw can disable the USB Restricted Mode to allow iPhones and iPads to connect to USB accessories while locked.

“A physical attack may disable USB Restricted Mode on a locked device,” the company explained in the release notes. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

While it’s recommended to install these security updates as soon as possible, multiple users who disabled Apple Intelligence features on eligible iPhones and iPads discovered that they had been re-enabled automatically (via MacRumors). This issue with Apple Intelligence on eligible devices also affects Mac users installing macOS 15.3.1, which was released yesterday alongside iOS 18.3.1 and iPadOS.18.3.1. This macOS update also includes security fixes, but it has no published CVE entries.

If you see an Apple Intelligence splash screen after installing these updates, you may want to double-check if the AI features are enabled or not in the Settings app. Apple Intelligence does take some storage to run Apple’s AI models locally, and that’s why you may want to turn off the features on your devices.