Apple’s Rare iOS 18 DarkSword Patch: What It Fixes and Who Should Install Now

Apple has pushed a rare iOS 18 DarkSword patch, and if your iPhone is still on iOS 18, you should pay attention. This update, iOS 18.7.7, fixes DarkSword-related web attacks that can install malware after you visit a compromised website. You do not always need to move to iOS 26 to get this protection now, which is what makes this Apple update unusual.

In plain English, this patch matters because DarkSword can turn a normal web visit into a serious security problem. That is not the kind of risk you want to leave sitting on your phone.

Why this rare iOS 18 update matters in 2026

Apple usually wants compatible devices to move to the newest major version of iOS for security fixes. Once a new major release is out, Apple does not often keep sending older-version security patches to newer phones.

That changed here.

Apple first released iOS 18.7.7 and iPadOS 18.7.7 on March 24, 2026, but only for a small group of older devices. Then on April 1, 2026, Apple expanded the rollout to many more iPhones and iPads. The goal was simple: close the DarkSword gap for people still using iOS 18.

If you have Automatic Updates turned on, Apple says you can receive this as an important security update. If not, you can go into Software Update and choose the latest patched version of iOS 18 or move to iOS 26.

What DarkSword fixes and why the threat is serious

DarkSword is a web-based exploit kit that targets vulnerable iPhones and iPads running iOS 18.4 through 18.7. According to the reporting behind this update, attackers have used it since July 2025 in campaigns targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.

Here is the basic attack flow:

  1. Attackers compromise a real website.
  2. They load malicious HTML and JavaScript onto that site.
  3. You visit the page on a vulnerable device.
  4. DarkSword can trigger from the browser session.
  5. Malware, backdoors, or data-stealing tools can be deployed.

That type of setup is called a watering hole attack. You are not tricked into installing an app. You just land on the wrong site at the wrong time.

Researchers say DarkSword has been used to deploy backdoors, a dataminer, and data-stealing malware. Reports also link it to credential theft, private messages, emails, passcodes, and some crypto wallet app data. Some campaigns appear to grab what they can in seconds or minutes, then clean up quickly.

The risk went up after a newer version of DarkSword leaked on GitHub. Once exploit code becomes public, more threat actors can copy it, test it, and improve it. That is a big reason Apple is pushing this patch harder now.

Which devices can install iOS 18.7.7 now

Apple expanded iOS 18.7.7 and iPadOS 18.7.7 to a much wider device list.

Supported iPhones

  • iPhone XR
  • iPhone XS
  • iPhone XS Max
  • iPhone 11 models
  • iPhone SE 2nd generation
  • iPhone 12 models
  • iPhone 13 models
  • iPhone SE 3rd generation
  • iPhone 14 models
  • iPhone 15 models
  • iPhone 16 models
  • iPhone 16e

Supported iPads

  • iPad mini 5th generation through A17 Pro models
  • iPad 7th generation through A16 models
  • iPad Air 3rd generation through 5th generation
  • iPad Air 11-inch M2 through M3
  • iPad Air 13-inch M2 through M3
  • iPad Pro 11-inch 1st generation through M4
  • iPad Pro 12.9-inch 3rd generation through 6th generation
  • iPad Pro 13-inch M4

If your device is on that list and still running iOS 18 or iPadOS 18, this patch is for you.

Who should install this Apple patch right now

You should install this update now if any of these sound like you:

  • You are still on iOS 18.4, 18.5, 18.6, 18.6.2, or 18.7
  • You delayed iOS 26 because you did not like the interface changes
  • You turned off Automatic Updates
  • You use your iPhone for work, school, finance, law, research, or government tasks
  • You travel often or click links from email, messaging apps, or social posts
  • You manage sensitive data on your device

Security researchers estimate that a meaningful share of iPhone users are still on older iOS 18 builds. Even conservative estimates suggest millions of devices remain exposed. That alone makes this a patch you should not put off.

Why Apple’s backport is unusual

This is a rare backport. Apple is bringing important DarkSword protections to supported devices that are staying on iOS 18, even if many of those phones can run iOS 26.

That is not Apple’s normal pattern.

Usually, the message is straightforward: update to the newest iOS version. Apple still recommends iOS 26 for the most advanced protection. But in this case, Apple is also giving iOS 18 users a patched path, which helps people who are not ready to jump yet.

Honestly, that is probably the practical move. A lot of people delay major updates. Apple seems to know that, and DarkSword raised the pressure enough to make an exception.

How to install iOS 18.7.7

If Automatic Updates are enabled, your iPhone or iPad may receive the patch automatically.

If you want to install it yourself:

  1. Open Settings
  2. Tap General
  3. Tap Software Update
  4. Look under Also Available
  5. Choose iOS 18.7.7 or iPadOS 18.7.7
  6. Tap to download and install

Apple has also reportedly started showing extra alerts on older iOS and iPadOS versions to warn users about web-based attacks and push them to update.

Should you install iOS 18.7.7 or jump to iOS 26?

If you are comfortable moving to iOS 26, that is still Apple’s preferred route. It gives you the newest full security track.

But if you want to stay on iOS 18 for now, install iOS 18.7.7 immediately. That is the whole point of this release. It closes an active, real-world risk without forcing a major OS change.

Think of it like this:

  • Want the newest platform and broadest protections? Move to iOS 26.
  • Want to stay on iOS 18 but stop the DarkSword risk? Install iOS 18.7.7 now.

Either choice is better than staying on an older unpatched build.

What about older iPhones and iPads on iOS 15 or iOS 16?

Apple also released updates for older devices that cannot move to the newest iOS path. Reports mention:

  • iOS 15.8.7
  • iPadOS 15.8.7
  • iOS 16.7.15
  • iPadOS 16.7.15

Those updates were also meant to address exploit activity tied to DarkSword and another kit called Coruna.

If your device cannot run the latest software, install the newest security update it does support.

Extra protection if you are at higher risk

If you think you may be a target, or you work in a sensitive field, consider enabling Lockdown Mode. This limits some phone features to reduce attack surface from sophisticated threats, including malicious web content.

This is especially worth considering for:

  • journalists
  • researchers
  • government staff
  • executives
  • activists
  • lawyers
  • people handling sensitive accounts or documents

It is not necessary for everyone, but it is a smart fallback if you cannot update right away.

Final takeaway

DarkSword is not a theoretical issue. It has been used in real attacks, it spreads through compromised websites, and leaked code has made the threat easier to reuse. Apple’s rare iOS 18.7.7 patch exists for one reason: too many users on iOS 18 still need protection now.

So if your iPhone or iPad is still on iOS 18, install the patch today. You do not need to wait, and you do not need to stay exposed.

FAQ

What does the iOS 18.3 update do?

iOS 18.3 provides important bug fixes, security updates, and addresses an issue that may prevent playback of some streaming content. It is a general maintenance and security update, not the specific DarkSword backport discussed here.

Which iPhones get iOS 26?

Based on Apple’s current upgrade path referenced in reporting around this patch, iPhones that support iOS 26 generally include the iPhone 11 series and newer, plus iPhone SE 2nd generation and newer. The iPhone XS, XS Max, and XR were specifically noted as not supporting iOS 26.

What iPhones can't update to iOS 18?

Phones older than the iPhone 11 do not receive iOS 18, including the iPhone XS, iPhone XS Max, and iPhone XR, according to the People Also Ask phrasing provided in the research. In the context of this DarkSword story, those devices were instead called out as not supporting iOS 26.

What all does the new iOS 18 update do?

The new iOS 18 security update, iOS 18.7.7, fixes DarkSword-related security issues for users staying on iOS 18. It adds protections against web-based attacks that can use compromised websites to install malware, deploy backdoors, and steal information. It also gives iOS 18 users a patched option without forcing an immediate move to iOS 26.