Apple has expanded the availability of a critical security update to protect a wider range of iPhones and iPads from a sophisticated exploit kit. The company announced on Wednesday, April 1, 2026, that it is now offering the iOS 18.7.7 and iPadOS 18.7.7 updates to more devices than initially released. This action is a direct response to the public disclosure of a threat known as DarkSword, which poses a significant risk to user security and device integrity.

Addressing the DarkSword Vulnerability

The core purpose of the iOS 18.7.7 update is to patch vulnerabilities that are actively exploited by the DarkSword exploit kit. Security researchers characterize DarkSword as a collection of tools designed to take advantage of specific, unpatched flaws in Apple’s mobile operating system. Such kits can potentially allow malicious actors to gain unauthorized access to a device, install spyware, or steal sensitive data without the user’s knowledge.

By broadening the rollout, Apple ensures that a larger segment of its user base can receive the necessary protections. The company stated that users who have enabled the Automatic Updates feature on their eligible devices will receive the security patch automatically. This method is intended to streamline the process and enhance overall ecosystem security with minimal required action from the end-user.

Expanded Device Coverage and User Action

While Apple did not publish an exhaustive list of newly included devices in its brief announcement, the expansion typically includes older models that still receive security support but may not be eligible for the latest major OS versions. This practice is part of Apple’s standard security protocol to support devices often for several years after their initial release.

For users who do not use automatic updates, the patch is available manually through the Settings app. The path is generally Settings > General > software update. Security experts consistently advise installing such security updates promptly upon release, as they serve as the primary defense against known and actively circulating threats like DarkSword.

Importance of Proactive Security Updates

The rapid deployment of this expanded update underscores the ongoing cat-and-mouse game between platform security teams and threat actors. Exploit kits like DarkSword are often sold or traded in underground forums, making their capabilities available to a wide range of malicious groups. Once a vulnerability is publicly known, the window for exploitation widens significantly until users install the corrective patch.

Apple’s move to quickly include more devices helps to close this window faster across its entire active device fleet. It mitigates the risk of a fragmented security landscape where only users with the newest hardware are protected, leaving others exposed to potential attacks.

Looking Ahead and Next Steps

Based on Apple’s established patterns, the company will likely continue to monitor for any new activity related to the DarkSword vulnerabilities or similar threats. Further silent updates to the security content of the iOS 18.7.7 release may be delivered if necessary. Users of very old devices not included in this expansion should consult Apple’s official support pages for information on their specific model’s update status and recommended security practices.

The broader technology industry will observe how effectively this update rollout contains the DarkSword threat. Independent security researchers are expected to analyze the patch details in the coming days to better understand the specific flaws that were corrected. Apple typically provides more detailed information about the nature of patched vulnerabilities in a subsequent support document, which will offer clearer insight into the severity and mechanics of the DarkSword exploit kit.

Source: GeekWire