Apple Issues Fix for Immediate Exploit Flaw Impacting iPads and iPhones
Apple Releases Emergency Security Updates to Address Highly Sophisticated Zero-Day Vulnerability
Apple has issued emergency security updates for various Apple devices in response to a recently discovered zero-day vulnerability, CVE-2025-43300. Unlike the specific individuals targeted by the exploitation of CVE-2025-24200, which have not been publicly disclosed, the attacks using CVE-2025-43300 were reportedly targeted at specific individuals in highly sophisticated attacks.
The vulnerability is said to have the potential to disable USB restricted mode on locked iPads and iPhones, posing a significant security risk. Apple's policy is to not discuss, disclose, or confirm security issues until an investigation has been completed and patches or releases are available.
The security updates aim to secure iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, iPad mini 5th generation and later, iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation. The updates are intended to patch the zero-day vulnerability and improve state management.
The advisory, issued on February 10, 2025, states that the issue may have been exploited and advises immediate installation of the security updates. The vulnerability, CVE-2025-24200, is now patched in iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5.
Apple encourages all users to install the updates as soon as possible to secure their iPads and iPhones. The company has not disclosed any details about the specific nature of the attacks or the individuals targeted, citing the need to protect user privacy and security. However, the reported sophistication of the attacks underscores the importance of regular security updates and vigilance in the face of potential threats.
