Apple Addresses Critical Security Flaws in iOS 15 and 16

Data Breaches

Published:

Reading time: 3 min.

Apple Issues Critical Security Updates for Legacy Operating Systems

On Monday, Apple took a significant step in bolstering the security of its devices by issuing critical updates that address three actively exploited zero-day vulnerabilities. These vulnerabilities affect legacy versions of its operating systems, underscoring the importance of keeping devices updated, even if they are not running the latest software.

Understanding Zero-Day Vulnerabilities

Zero-day vulnerabilities are security flaws that are exploited by attackers before the vendor has had a chance to issue a fix. These vulnerabilities can pose serious risks, especially when they are actively being exploited in the wild. Apple’s latest updates are a reminder of the ongoing battle between cybersecurity professionals and malicious actors, particularly as state-sponsored threats become more sophisticated.

CVE-2025-24200: USB Restricted Mode Bypass

The first vulnerability, designated CVE-2025-24200, was patched in several versions, including iOS 16.7.11, iPadOS 16.7.11, iOS 15.8.4, and iPadOS 15.8.4. This vulnerability allows a physical attacker to disable USB Restricted Mode, a critical security feature designed to prevent unauthorized data access through the USB port when an iPhone or iPad has been locked for over an hour.

Apple indicated that CVE-2025-24200 “may have been exploited in an extremely sophisticated attack against specific targeted individuals,” suggesting potential involvement from state-sponsored actors. This vulnerability is particularly concerning for high-value targets such as government officials, journalists, and senior business executives. Although it was initially patched in February for newer operating systems, it remained unresolved in older versions until now.

CVE-2025-24201: WebKit Flaw

The second vulnerability, CVE-2025-24201, was also addressed in iOS 16.7.11, iPadOS 16.7.11, iOS 15.8.4, and iPadOS 15.8.4. This flaw resides in WebKit, the browser engine used by Safari. It allows malicious code running within the Web Content sandbox—an isolated environment meant to contain browser-based threats—to escape and compromise broader system components.

CVE-2025-24201 was first mitigated in iOS 17.2 in late 2023, followed by a supplemental patch in iOS 18.3.2, macOS Sequoia 15.3.2, visionOS 2.3.2, and Safari 18.3.1. The retrospective fix for older operating systems is crucial, as it protects users who may not have upgraded to the latest versions.

CVE-2025-24085: Use-After-Free Vulnerability

The third vulnerability, CVE-2025-24085, was patched in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. This use-after-free vulnerability exists in Apple’s Core Media framework, which is responsible for handling media processing tasks such as audio and video playback in apps. Attackers can exploit this flaw to seize control of deallocated memory, allowing them to execute privileged malicious code.

Originally patched in January with iOS 18.3 and other updates, Apple has now backported the fix to older systems, ensuring that users are protected against this serious threat.

Additional Vulnerabilities Addressed in iOS 18.4

In addition to addressing the aforementioned vulnerabilities, Apple also released iOS 18.4, which includes new features and fixes for several other vulnerabilities. Notable issues addressed in this update include:

  • CVE-2025-30456: A flaw in the DiskArbitration framework that allowed apps to escalate their privileges to root.
  • CVE-2025-24097: A flaw in AirDrop that allowed unauthorized apps to access file metadata, such as creation dates or user details.
  • CVE-2025-31182: A flaw in the libxpc framework that lets apps delete arbitrary files on the device.
  • CVE-2025-30429, CVE-2025-24178, CVE-2025-24173: Flaws that allowed apps to break out of the sandbox in Calendar, libxpc, and Power Services, respectively.
  • CVE-2025-30467: A flaw in Safari that could allow malicious websites to spoof the address bar.

Importance of Updating Devices

Apple users are strongly urged to update their devices immediately to guard against exploitation of these now-publicized vulnerabilities. While most users will receive automatic update prompts, manual updates can be performed via Settings, General, and then Software Update.

In an era where cyber threats are increasingly prevalent, staying informed and proactive about device security is essential. Regular updates not only enhance functionality but also protect users from potential exploits that could compromise their personal information and privacy.

Related articles

Recent articles

Latest Updates

Popular

© Fullcirclecyber .com