{“lastseen”:”2025-08-21T14:33:25″,”description”:”Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware of) that is reportedly being used in targeted attacks.\\n\\nThe updates cover:\\n\\n * iOS 18.6.2 and iPadOS 18.6.2 (iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later);\\n * iPadOS 17.7.10 (iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation);\\n * macOS Sequoia 15.6.1;\\n * macOS Sonoma 14.7.8; and\\n * macOS Ventura 13.7.8.\\n\\n\\n\\nApple has acknowledged reports that attackers may have already used this flaw in a highly sophisticated operation aimed at specific, high\u2011value targets.\\n\\nBut history teaches us that once a patch goes out, attackers waste little time recycling the same vulnerability into broader, more opportunistic campaigns. What starts as a highly targeted campaign often trickles down into mass exploitation against everyday users.\\n\\nThat’s why it’s important that everyone takes the time to update now.\\n\\n## How to update your iPhone or iPad\\n\\nFor iOS and iPadOS users, you can check if you\u2019re using the latest software version, go to **Settings \\u003e General \\u003e Software Update**. You want to be on iOS 18.6.2 or iPadOS 18.6.2 (or 17.7.10 for older models), so update now if you\u2019re not. It\u2019s also worth turning on Automatic Updates if you haven\u2019t already. You can do that on the same screen.\\n\\n\\n\\n## How to update your Mac\\n\\nFor Mac users, click on the Apple menu in the top-left corner of your screen and open **System Settings**. From there, scroll down until you find **General** , then select **Software Update**. Your Mac will automatically check for new updates. If an update is available, you\u2019ll see the option to download and install it. Depending on the size of the update, this process might take anywhere from a few minutes to an hour, and your machine will need to restart to complete the installation.\\n\\nAs always, it\u2019s a good idea to make sure you\u2019ve saved your work before using the **Restart Now** button. Updates can sometimes require more than one reboot, so allow some downtime. After you install the update, your system gains stronger protection, and you can use your Mac without the constant worry of this vulnerability hanging over you.\\n\\n## Technical details\\n\\nThe flaw is tracked as CVE-2025-43300 and lies in the Image I\/O framework, the part of macOS that does the heavy lifting whenever an app needs to open or save a picture.__ The problem came from an out-of-bounds write. Apple stepped in and tightened the rules with better bounds checking, closing off the hole so attackers can no longer use it.\\n\\nAn out-of-bounds write vulnerability means that the attacker can manipulate parts of the device\u2019s memory that should be out of their reach. Such a flaw in a program allows it to read or write outside the bounds the program sets, enabling attackers to manipulate other parts of the memory allocated to more critical functions. Attackers can write code to a part of the memory where the system executes it with permissions that the program and user should not have.\\n\\nIn this case, an attacker could construct an image to exploit the vulnerability. Processing such a malicious image file would result in memory corruption. Memory corruption issues can be manipulated to crash a process or run attacker\u2019s code.\\n\\n* * *\\n\\n**We don\u2019t just report on phone security\u2014we provide it**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.”,”published”:”2025-08-21T12:04:30″,”modified”:”2025-08-21T12:04:30″,”type”:”malwarebytes”,”title”:”All Apple users should update after company patches zero-day vulnerability in all platforms”,”source”:””,”references”:””,”id”:”MALWAREBYTES:706BCD0DE2FB27440170B7A638B7B2F0″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[“CVE-2025-43300″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:8.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/08\/all-apple-users-should-update-after-company-patches-zero-day-vulnerability-in-all-platforms”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-08-21T14:33:25″,”description”:”Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware of) that is…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,41,12,15,115,13,7,11,5],"class_list":["post-13878","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-88","tag-exploit","tag-high","tag-malwarebytes","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n