Apple has begun distributing its latest update, iOS 18.3.1, addressing a serious security issue that affects the Accessibility service. The flaw could allow an attacker with physical access to a device to disable USB Restricted Mode—a security feature introduced in iOS 11.4.1 that prevents unauthorized USB connections unless the device has been unlocked within the past hour.
The vulnerability, which was first uncovered by Bill Marczak from The Citizen Lab at The University of Toronto’s Munk School, may have already been exploited in targeted attacks. Apple's release notes specify that the update resolves a critical issue that could potentially allow a physical attack on locked iPhones and iPads via a USB connection.
The update is available for all supported iPhone models, including the iPhone 16 series and older devices back to the iPhone XS. Users are encouraged to check for and install the update by navigating to Settings > General > Software Update > Install Now.