Apple has recently announced that it will provide rare security patches for users on iOS 18 in response to the emergence of a sophisticated hacking tool called DarkSword. This marks a significant shift in Apple’s typical policy of requiring users to upgrade to the latest iOS version to receive security updates. Until now, Apple has maintained a strict stance regarding security updates, typically necessitating that users upgrade for protection.
DarkSword is a hacking method capable of silently taking control of iPhones running iOS 18 when users visit infected websites. While users operating the more recent iOS 26 are already protected from this threat, millions of iPhone users have remained on iOS 18 due to various reasons, including preferences for its user interface.
Apple’s decision to backport important security fixes to iOS 18 is particularly aimed at protecting these users, many of whom have been vocal about their reluctance to transition to iOS 26, citing dissatisfaction with its new features, such as the "liquid glass" interface.
An Apple representative disclosed that the patches would start rolling out shortly, allowing users with automatic updates to receive protection without the need to upgrade. However, those without auto-update can manually select between the updated iOS 18 or the newer iOS 26.
Criticism of Apple’s previous lack of backported patches rose as DarkSword spread among hacker communities, which have reportedly utilized it for various malicious activities, including espionage and cryptocurrency theft. The hacking tool was even made available on open-source platforms like GitHub, raising accessibility concerns for potential attackers.
The backporting move comes in light of increased scrutiny over Apple’s security practices, especially considering that this is now the second major iOS vulnerability that prompted Apple to offer patches for older versions within a short timeframe. Earlier this month, the company also provided updates for iOS 17 to combat another sophisticated hacking toolkit known as Coruna.
As cybersecurity experts have noted, Apple’s historical avoidance of backporting patches has generally escaped major backlash due to the relative rarity of widespread iOS hacking incidents. However, incidents like those sparked by DarkSword have forced a reflection on the security implications of its policy. Given the variety of reasons people may choose not to upgrade—be it app compatibility or storage limitations—there’s a prevailing concern that maintaining a strict upgrade requirement leaves a substantial user base exposed to security threats.
