Saturday, April 26, 2025
Latest:
News

Apple Urges Immediate Updates to Fix Critical Zero-Day Exploits

HackAcademy

Apple has released a series of urgent software updates to address three zero-day vulnerabilities actively targeting older iOS and macOS devices. Users are strongly advised to update their iPhones, iPads, and Macs immediately to safeguard against potential threats.

On Monday, Apple rolled out critical fixes for three previously unknown vulnerabilities that have come under active exploitation in the wild. The affected vulnerabilities—spanning components in Core Media, Accessibility, and WebKit—pose significant security risks, particularly for older devices still running previous operating system versions.

Among the vulnerabilities addressed are:

  • CVE-2025-24085 (CVSS 7.3): A use-after-free bug in the Core Media component that could allow malicious applications already installed on a device to elevate privileges. This issue has been patched in macOS Sonoma 14.7.5, macOS Ventura 13.7.5, and iPadOS 17.7.6.

  • CVE-2025-24200 (CVSS 4.6): An authorization flaw in the Accessibility component, which could enable a malicious user to disable USB Restricted Mode on locked devices during a physical cyber attack. Fixes are available in iOS 15.8.4, iPadOS 15.8.4, iOS 16.7.11, and iPadOS 16.7.11.

  • CVE-2025-24201 (CVSS 8.8): An out-of-bounds write issue in the WebKit component that could allow an attacker to craft malicious web content capable of breaking out of the Web Content sandbox. This vulnerability has been remedied in the same versions as CVE-2025-24200.

In addition to these critical patches, Apple also released comprehensive updates across its platforms: iOS 18.4 and iPadOS 18.4 now address 62 flaws, macOS Sequoia 15.4 fixes 131 issues, tvOS 18.4 addresses 36 vulnerabilities, visionOS 2.4 corrects 38 security shortcomings, and Safari 18.4 closes 14 flaws.

Although none of the newly disclosed vulnerabilities have been confirmed to be exploited at scale, experts caution that staying updated is essential to preempt potential cyberattacks. Older devices, in particular, are at higher risk, making these updates crucial for users who have held onto legacy hardware.

Apple’s commitment to continuous improvement in security underscores the importance of regular updates in a landscape where cyber threats evolve rapidly. Users are encouraged to check for updates immediately to ensure their devices remain secure.

Photo Credit: DepositPhotos.com

Leave a Reply

Your email address will not be published. Required fields are marked *