On November 19, Apple released iOS 18.1.1, which addresses two significant security issues that could potentially allow attackers to take control of affected devices. According to Apple’s support page, the vulnerabilities affect the JavaScriptCore framework and the WebKit engine that powers the Safari browser.
The first vulnerability, tracked as CVE-2024-44308, is in this framework. If exploited, it could allow arbitrary code to run when a user interacts with malicious web content.
The second bug, CVE-2024-44309, affects WebKit and can lead to cross-site scripting attacks that expose sensitive information such as cookies and session tokens.
“This code would hopefully be limited to existing sandbox protections, but could allow attackers to redirect users to malicious pages and potentially steal session tokens,” Forbes said.
Mixed reactions from iPhone users
However, others have reported ongoing issues and unresolved bugs, including “annoying media control error after Standby mode” and “oversaturated screenshots”.
Another user pointed out a bug affecting dark mode: “IOS 18.1.1 bug detected – I have dark mode on but only some app icons change. I have to toggle dark mode on and off for it to actually activate. this problem?”
Additionally, some users reported significant battery drain after installing iOS 18.1.1. according to The Daily Mail.
While iOS 18.1.1 focuses on security fixes, users interested in new features can look forward to iOS 18.2. The iOS 18.2 public beta introduces features such as improvements to Apple Intelligence (AI), including Genmoji, a tool that allows users to create their own emoji based on text descriptions.
Other additions in the beta include improvements to the Find My app, new mail categories, and Visual Intelligence, Apple’s answer to Google Lens. However, these features are currently only available to developers and beta testers with specific iPhone models.