Apple has released an important security update for iPhones, iPadOS and macOS. It fixes a zero-day threat.
The update comes just a week after iOS 18.6.1 was released, although that wasn't a security update. It shipped alongside watchOS 11.6.1, to bring the new Blood Oxygen experience for Apple Watch Series 10, Series 9, and Ultra 2 in the United States.
This week's update, iOS 16.8.2, patches a single issue, a security vulnerability that is tracked under CVE-2025-43300. The exploit is described as an out-of-bounds write issue related to the ImageIO framework. Processing a malicious image file, aka a spyware hidden in a photo, could result in memory corruption.
Apple says that it is aware that the issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. The language used here is interesting, as it is very similar to high profile spyware attacks that have happened before. Apple had patched a zero-day threat in February this year, when iOS 18.3.1 and macOS 15.3.1 were released. That threat turned out to be associated with Paragon's Graphite spyware (according to Citizen Lab), and it was described by Apple in similar fashion. No wonder they rushed to patch the newest threat. The release notes for iOS 18.6.2 state that the issue was addressed with improved bounds checking.
The security patch is available via the iOS 18.6.2 update for the iPhone XS and later, and is included in the iPadOS 18.6.2 update which is compatible with the following iPad models: Pad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
Apple has also released the update for some older gen iPads. Users with an iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, or iPad 6th generation should install iPadOS 17.7.10 to patch the vulnerability.
The security fix is also available for Mac via the macOS Sequoia 15.6.1, macOS Sonoma 14.7.8 and macOS Ventura 13.7.8 updates. It is strongly recommended to update to the latest OS version possible to protect your device and your data.
Thank you for being a Ghacks reader. The post Apple releases fix for a zero-day threat in iOS, iPadOS and macOS appeared first on gHacks Technology News.
0 Commentaires