Apple has published security updates for iPhones, iPads and Macs to correct zero-day vulnerability (a vulnerability of which Apple was not previously informed) which would be used in targeted attacks.
Updates coverage:
Apple has recognized the reports according to which attackers may have already used this flaw in a very sophisticated operation intended for specific targets of high value.
But history teaches us that once a patch comes out, the attackers waste little time to recycle the same vulnerability in wider and more opportunistic campaigns. What starts as a highly targeted campaign often affects mass exploitation against daily users.
This is why it is important that everyone takes the time to update now.
How to update your iPhone or iPad
For iOS and iPados users, you can check if you use the latest version of the software, go to Settings> General> Software update. You want to be on iOS 18.6.2 or iPados 18.6.2 (or 17.7.10 for the old models), then update now if you are not. It is also worth turning on automatic updates if you have not already done so. You can do it on the same screen.
How to update your Mac
For Mac users, click the Apple menu in the upper left corner of your screen and open System settings. From there, scroll down until you find GeneralThen select Software update. Your Mac will automatically check the new updates. If an update is available, you will see the download option and install it. Depending on the size of the update, this process can take from a few minutes to an hour and your machine must restart to finish the installation.
As always, it’s a good idea to make sure you saved your work before using the Restart button. Updates can sometimes require more than one restart, so allow some time to stop. After installing the update, your system acquires stronger protection and you can use your Mac without the constant concern of this vulnerability suspended on you.
Technical details
The flaw is followed in the form of CVE-2025-43300 and lies within the framework of images, the part of macOS which makes heavy lifting each time an application must open or save an image. The problem came from an off -ading writing. Apple has intervened and tightened the rules with better verification of the limits, closing the hole so that the attackers can no longer use it.
Outstanding writing vulnerability means that the attacker can handle parts of the memory of the device that should be out of their reach. Such a defect in a program allows it to read or write outside the limits of the program, allowing attackers to manipulate other parts of memory allocated to more critical functions. The attackers can write code in part of the memory where the system executes it with authorizations that the program and the user should not have.
In this case, an attacker could build an image to exploit vulnerability. The processing of such a malicious image file would cause memory corruption. Memory corruption problems can be handled to crush a process or execute the attacker’s code.
We are not only reporting on phone security – we provide it
The risks of cybersecurity should never spread beyond a title. Keep threats to your mobile devices by downloading Malwarebytes for iOS and Malwarebytes for Android today.
