Technology & Science
Apple Backports DarkSword Patch: iOS 18.7.7 Reaches Hold-outs on April 1 2026
For the first time since 2020, Apple pushed a same-day security backport—iOS 18.7.7 on 1 Apr 2026—to every device still on iOS 18, including the roughly 25 % of iPhones that could run iOS 26 but refused the upgrade, closing the DarkSword zero-click spyware hole without forcing the controversial “Liquid Glass” interface.
Focusing Facts
- Patch build 22H340 (iOS/iPadOS 18.7.7) shipped 1 Apr 2026, extending fixes previously limited to iOS 26 and to non-26-capable devices since 24 Mar 2026.
- DarkSword exploits iOS 18.4-18.7 through six chained zero-days; public source code leaked to GitHub mid-March 2026, prompting U.S. CISA warnings.
- Apple’s own telemetry shows only 50-66 % of active iPhones had adopted iOS 26 by February 2026, leaving millions newly eligible for the backport.
Context
Apple’s volte-face recalls Microsoft’s 13 May 2017 emergency patch for unsupported Windows XP during the WannaCry ransomware outbreak: when a threat spills beyond the vendor’s planned lifecycle, pragmatism beats policy. This backport signals a deeper shift—mobile OS security is no longer a linear march to the ‘latest version,’ because UI overhauls, storage ceilings, and regulatory friction (e.g., the UK age-verification features) stall adoption. By acknowledging a quarter of its users will lag, Apple tacitly concedes that zero-day marketplaces, now industrialised and leaking tools like DarkSword within weeks, outrun traditional update cadences. On a century scale, the episode marks another node in the tension between centralized platform control and end-user autonomy: each time a vendor widens support windows, it chips at the walled-garden model it built, hinting that future security regimes may resemble public-health inoculations—targeted, rapid, and decoupled from product marketing cycles rather than optional cosmetic upgrades.
Perspectives
Apple-focused enthusiast sites
iClarified, Financial Express — They frame Apple’s back-ported iOS 18.7.7 release as a decisive, user-friendly move that brings critical DarkSword protections to hold-outs who opted against iOS 26. By highlighting Apple’s ‘unusual’ generosity and offering how-to guides, they gloss over earlier weeks of exposure and help reinforce Apple’s narrative that upgrading (preferably to iOS 26) is still the best path.
Sceptical consumer tech blogs
Gizmodo, TechRadar — They interpret the back-port as Apple’s reluctant olive branch to users who ‘hate’ the new ‘Liquid Glass’ interface, produced only after public pressure and Wired’s reporting. The focus on UI complaints and Apple’s tardiness can overshadow the serious security dimension, catering to an audience eager for takes that needle Apple’s design choices.
Mainstream business & security outlets
Forbes, Hindustan Times — They cast the update as an urgent, unprecedented response to a spyware toolkit so dangerous that ‘ALL iPhone users’ must patch immediately or risk total compromise. Using dramatic language and expert quotes ramps up fear, which can drive clicks and reinforce the publications’ reputations for breaking high-stakes cybersecurity warnings while sidelining discussion of Apple’s prior patching strategy.
Like what you're reading?