In Rare Move, Apple Releases IOS 18 'DarkSword' Patch For Newer IPhones

If you’ve been clinging to iOS 18 to avoid Apple’s Liquid Glass interface, you may be aware that it comes with a security trade-off that exposes your iPhone to vulnerabilities already fixed in iOS 26. But in some good news, Apple is rolling out a fresh version of iOS 18 that will protect newer iPhones from the “DarkSword” attack.

DarkSword can remotely install malware on iPhones running iOS 18.4 to 18.7. Apple released a patch in December via iOS 18.7.3, but only for the iPhone XS and XR, which don’t support iOS 26. Everyone else was encouraged to upgrade to iOS 26 to avoid DarkSword.

Adoption has been slow, however. An estimated 16% to 20% of newer iPhones are still running iOS 18. On social media, some users say they’ve been ducking iOS 26 precisely because of its controversial Liquid Glass interface, which has received mixed reviews for its translucent design.

(Credit: Apple)

So, as Wired first reported, Apple is taking the rare step of “backporting” its security patches. We’re up to iOS 18.7.7, released last week, also just for the iPhone XS and XR. But it’s now available for newer models, including the iPhone 11 through iPhone 16 and the second-gen iPhone SE, meaning they, too, get the DarkSword patch. Apple did the same with iPadOS 18.7.7.

“Users with Automatic Updates turned on can automatically receive important security protections from web attacks called DarkSword,” Apple says.

To manually install iOS 18.7.7 on your iPhone, navigate to Settings > General > Software Update. Scroll down to Also Available and tap iOS 18.7.7 and choose whether to install it now or later.

Get Our Best Stories!

Stay Safe With the Latest Security News and Updates

SecurityWatch Newsletter Image

Sign up for our SecurityWatch newsletter for our most important privacy and security stories delivered right to your inbox.

By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy
Policy.

Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

iOS 18.7.7

(Credit: PCMag/Apple)

The threat of DarkSword has only grown after a user leaked the attack online, making it easy for other hackers to adopt and potentially improve it. Suspected Russian state-sponsored hackers have been sending phishing emails with a link to websites hosting the DarkSword exploit.

“Leaving those users exposed would be a hard decision to defend, particularly for a company that centers its brand around security and privacy,” said Rocky Cole, a co-founder of iVerify, one of the cybersecurity providers that investigated and warned about DarkSword. “Apple has found itself in a unique position now, where in the past, the vast majority of users upgraded to the latest iOS within 2 weeks of release, iOS 26 had a very public pushback against it.”

Recommended by Our Editors

In an updated support page, Apple wrote: “Devices with older versions of iOS 18 will receive an additional alert to install a Critical Security Update.”

However, some users say DarkSword pushed them to update to iOS 26 prior to Wednesday’s release. “I reluctantly updated to iOS 26.4 because of the exploit, and now they are releasing it for all devices,” wrote one disappointed user on Reddit.

For even older iPhones, Apple released a “software update for iOS 15 and iOS 16 on March 11, 2026, to extend protection to older devices that cannot update to the latest version of iOS.” The built-in Lockdown Mode can also protect against DarkSword and other attacks that exploit malicious web content.