Apple has released security updates for iPhones, iPads, and Macs to address a zero-day vulnerability that’s being used in targeted attacks. The updates cover various devices, including iPhone XS and later, iPad Pro 13-inch and later, and Macs running macOS Ventura, Sonoma, Sequoia, and more.
The vulnerability, tracked as CVE-2025-43300, lies in the Image I/O framework on macOS, allowing attackers to manipulate parts of the device’s memory. This could result in memory corruption issues that can crash a process or run attacker code.
Apple has acknowledged reports that attackers may have already used this flaw in a highly sophisticated operation targeting specific, high-value targets. However, it’s essential to note that once a patch is released, attackers often recycle the same vulnerability into broader, more opportunistic campaigns.
To protect yourself, update your device now. For iOS and iPadOS users, go to Settings > General > Software Update to check for the latest version (iOS 18.6.2 or iPadOS 18.6.2) and consider enabling Automatic Updates. On Macs, click the Apple menu and open System Settings to automatically check for updates.
Remember, taking proactive steps now can help prevent exploitation by attackers. For more information on mobile device security, visit our blog and explore resources like Malwarebytes for iOS and Android.
Source: https://www.malwarebytes.com/blog/news/2025/08/all-apple-users-should-update-after-company-patches-zero-day-vulnerability-in-all-platforms